Contact emailsfer...@chromium.com Explainer https://github.com/fergald/docs/blob/master/explainers/permissions-policy-unload.md
Specificationhttps://github.com/whatwg/html/pull/7915 Summary This feature allows pages to disable the running of unload event handlers. The goal is to : - allow sites that have removed all unload handlers to ensure they do not accidentally add new ones - allow sites to remove unload handlers when updating the code is infeasible Unload event handlers are problematic for various reasons and prevent use of BFCache on Desktop (see https://web.dev/bfcache/#never-use-the-unload-event). Blink componentBlink>PermissionsAPI <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EPermissionsAPI> TAG reviewhttps://github.com/w3ctag/design-reviews/issues/738 TAG review statusPending Risks Interoperability and Compatibility 3rd-party frames that rely on unload may not work as expected when navigating away. This is solvable by the frame authors by use of alternatives to unload and is unlikely to impact users. See detailed discussion. https://github.com/fergald/docs/blob/master/explainers/permissions-policy-unload.md#concerns-about-giving-embedders-control-over-the-nonexecution-of-iframe-code *Gecko*: Negative ( https://github.com/w3c/webappsec-permissions-policy/issues/444#issuecomment-1047829132) FF objects to this similar to sync-xhr and document-domain providing a way to cause cross-origin interference with script. Explainer addresses this ( https://github.com/fergald/docs/blob/master/explainers/permissions-policy-unload.md#concerns-about-giving-embedders-control-over-the-nonexecution-of-iframe-code) This is not a formal FF position, we will request a formal position soon. *WebKit*: No signal *Web developers*: Positive Private discussions with devs are positive. Sites that have made efforts to remove all unload handlers want to use this to prevent accidental returns. Also some providers of 3rd-party iframes which have content outside of their control (e.g. ad network) want to guarantee themselves to be unload-free. https://github.com/w3c/webappsec-permissions-policy/issues/444#issuecomment-1130401722 Also positive feedback about using this to deny unload as a source of security problems. https://github.com/w3c/webappsec-permissions-policy/issues/444#issuecomment-1222973324 *Other signals*: WebView application risks Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications? none known Goals for experimentation - Validate that this allows sites using it to improve their BFCache hit rate Ongoing technical constraints Debuggability N/A Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, Chrome OS, Android, and Android WebView)?Yes Is this feature fully tested by web-platform-tests <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md> ?Yes Flag namechrome://flags#enable-experimental-web-platform-features or --enable-features=PermissionsPolicyUnload Requires code in //chrome?False Tracking bughttps://crbug.com/1324111 Launch bughttps://crbug.com/1357927#c16 Estimated milestones DevTrial on desktop 107 DevTrial on Android 107 Link to entry on the Chrome Platform Status https://chromestatus.com/feature/5760325231050752 Links to previous Intent discussionsIntent to prototype: https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAAozHLkvhEtVOkvW4iXCbMf5a84ypGjD4arZtpS%3D0Okx6BPDdQ%40mail.gmail.com <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAAozHLkvhEtVOkvW4iXCbMf5a84ypGjD4arZtpS=0okx6bp...@mail.gmail.com> This intent message was generated by Chrome Platform Status <https://chromestatus.com/>. -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAAozHLns1p1P97p0Q%2BkQ3X1X9Q7qxKSD5Pk2McsWE5N79%2BXJbQ%40mail.gmail.com.