Update behavior, name of Feature Policy #842
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
alcooper91
reviewed
Sep 13, 2019
index.bs
Outdated
| @@ -2205,7 +2206,7 @@ Integrations {#integrations} | |||
| Feature Policy {#feature-policy} | |||
| -------------- | |||
|
|
|||
| This specification defines a [=policy-controlled feature=] that controls whether the {{Navigator/xr}} attribute is exposed on the {{Navigator}} object. | |||
| This specification defines a [=policy-controlled feature=] that controls whether the any {{XRSession}}s may be returned by {{XR/requestSession()}} and whether {{XR/supportsSession()}} indicates that any session mode is supported. | |||
There was a problem hiding this comment.
We should also consider the behavior of device change events
There was a problem hiding this comment.
Great catch! I've updated the PR to also indicate that devicechange events shouldn't fire when the feature policy is not set.
alcooper91
reviewed
Sep 16, 2019
index.bs
Outdated
| @@ -273,6 +273,7 @@ The <dfn method for="XR">supportsSession(|mode|)</dfn> method queries if a given | |||
| When this method is invoked, it MUST run the following steps: | |||
|
|
|||
| 1. Let |promise| be [=a new Promise=]. | |||
| 1. If the requesting document's origin is not allowed to use the WebXR [[#feature-policy|feature policy]], [=reject=] |promise| with a "{{SecurityError}}" {{DOMException}} and abort these steps. | |||
There was a problem hiding this comment.
It looks like this is the supportsSession algorithm, should this be done for requestSession as well?
There was a problem hiding this comment.
Ahh, requestSession I see that it's buried in the "Trustworthy" and "request inline" sessions. Perhaps it should be unified up here to match the early bail out of supportsSession?
Also, if the decision is made to not make this change for whatever reason, should that logic be removed?
toji
force-pushed
the
new-feature-policy
branch
from
48e923f to
7cbd425
Compare
|
After discussion at TPAC, updated this to conform to what sounds like the general direction the group wants to go. Proposed feature policy is now |
Manishearth
approved these changes
Sep 19, 2019
toji
changed the title
toji
force-pushed
the
new-feature-policy
branch
from
7cbd425 to
89b3c30
Compare
alcooper91
reviewed
Sep 19, 2019
There was a problem hiding this comment.
I'm really happy with the direction we've taken this. Thanks to @dontcallmedom for the suggestion!
Overall I think this PR is great; just a few nits. However, I do think some of the reasoning behind why immersive sessions are always impacted by this feature policy gets a bit lost in the details. Perhaps some non-normative text that explicitly points out the connection would be all that's needed to remedy it.
index.bs
Outdated
| @@ -417,53 +418,61 @@ Future iterations of this specification and additional modules may expand the li | |||
|
|
|||
| Note: Features are accepted as an array of <code>any</code> values to ensure forwards compatibility. It allows unrecognized optional values to be properly ignored as new [=feature descriptor=] types are added. | |||
|
|
|||
| Some {{XRSessionMode}}s enable certain [=feature descriptors=] as [=optional features=] by default. This is only done if the feature does not require a signal of [=user intent=] nor impact performance or the behavior of other features when enabled. The following table describes the <dfn>default features</dfn> associated with each session: | |||
| Depending on the {{XRSessionMode}} requested, certain [=feature descriptors=] are added to the {{XRSessionInit/requiredFeatures}} or {{XRSessionInit/optionalFeatures}} lists by default. This is only done if the feature does not require a signal of [=user intent=] nor impact performance or the behavior of other features when enabled. The following table describes the <dfn>default features</dfn> associated with each session type and feature list: | |||
There was a problem hiding this comment.
This is only done if the feature does not require a signal of [=user intent=] nor impact performance or the behavior of other features when enabled
We should probably make this sentence a bit more flexible
There was a problem hiding this comment.
Feeling like we should just drop that line entirely? We can put whatever criteria we want in the table below.
|
Updated to address review feedback. Thanks! |
NellWaliczek
approved these changes
Sep 20, 2019
|
|
||
| The feature identifier for this feature is <code>"xr-spatial-tracking"</code>. | ||
|
|
||
| The [=default allowlist=] for this feature is <code>["self"]</code>. | ||
|
|
||
| Note: If the document's origin is not allowed to use the <code>"xr-spatial-tracking"</code> feature policy any [=immersive sessions=] will be blocked, because all [=immersive sessions=] require some use of spatial tracking. [=Inline sessions=] will still be allowed, but restricted to only using the {{XRReferenceSpaceType/"viewer"}} {{XRReferenceSpace}}. |
There was a problem hiding this comment.
[=Inline sessions=] will still be allowed, but restricted to only using the {{XRReferenceSpaceType/"viewer"}} {{XRReferenceSpace}}.
how about
[=Inline sessions=] will still be allowed, but requestSession will only succeed if no reference spaces are listed in the [=required features=] array. These sessions will only be capable of creating an {{XRReferenceSpaceType/"viewer"}} {{XRReferenceSpace}}.
|
Just a thought following one of my comments during the meeting: I wonder if we can and should grant feature-id that are needed to run a WebXR polyfill (e.g. accelerometer, magnetomer?, gyroscope) when xr-spatial-tracking is granted - this would enable the polyfill to run in that situation. ("should" is whether this is a useful use case to cater for, "can" is whether this is a concept that either already exists or would be considered by the feature policy team) |
This was referenced Sep 21, 2019
Closed
|
Updated to incorporate Nell's suggestion.
That would only work for browsers that actually have a WebXR implementation, and my impression from talking with the TAG last week was that using polyfills to prop up the functionality of a native implementation was "weird". :) /agenda to ensure that all WG members have an opportunity to look over this change prior to landing it, which will ideally happen this week. |
|
Is there a tracking bug to add this to the feature policy spec? |
|
That's a good point. Given how the feature policy spec is structured, we'll actually want to update https://github.com/w3c/webappsec-feature-policy/blob/master/features.md, but regardless we should put up a PR to make that change. I'll file it now. |
toji
force-pushed
the
new-feature-policy
branch
from
e152456 to
e685a41
Compare
chromium-wpt-export-bot
pushed a commit
to web-platform-tests/wpt
that referenced
this pull request
Sep 30, 2019
As a result of TPAC there were some spec changes to the xr feature policy (FP). These were made in: immersive-web/webxr#842 The following changes were needed to become spec compliant: * rename FP from "xr" to "xr-spatial-tracking" * supportsSession always resolves for "inline" * supportsSession rejects for immersive-vr with a SecurityError if FP not set * default features per mode are now required features for that mode * requestSession does not unconditionally reject if FP is not set, instead resolving specific features now depends on FP status. * While resolving features, if any required features depend on a missing FP, the requestSession call will fail with a "NotSupportedError" * While resolving features, if any optional features depend on a missing FP, those features will be silently ignored. * devicechange events will not fire for documents that do not have FP set. Bug:1003842 Change-Id: Ie9ae16b5c1d863b730e556b511c024bae8a4503c
chromium-wpt-export-bot
pushed a commit
to web-platform-tests/wpt
that referenced
this pull request
Sep 30, 2019
As a result of TPAC there were some spec changes to the xr feature policy (FP). These were made in: immersive-web/webxr#842 The following changes were needed to become spec compliant: * rename FP from "xr" to "xr-spatial-tracking" * supportsSession always resolves for "inline" * supportsSession rejects for immersive-vr with a SecurityError if FP not set * default features per mode are now required features for that mode * requestSession does not unconditionally reject if FP is not set, instead resolving specific features now depends on FP status. * While resolving features, if any required features depend on a missing FP, the requestSession call will fail with a "NotSupportedError" * While resolving features, if any optional features depend on a missing FP, those features will be silently ignored. * devicechange events will not fire for documents that do not have FP set. Bug:1003842 Change-Id: Ie9ae16b5c1d863b730e556b511c024bae8a4503c
chromium-wpt-export-bot
pushed a commit
to web-platform-tests/wpt
that referenced
this pull request
Sep 30, 2019
As a result of TPAC there were some spec changes to the xr feature policy (FP). These were made in: immersive-web/webxr#842 The following changes were needed to become spec compliant: * rename FP from "xr" to "xr-spatial-tracking" * supportsSession always resolves for "inline" * supportsSession rejects for immersive-vr with a SecurityError if FP not set * default features per mode are now required features for that mode * requestSession does not unconditionally reject if FP is not set, instead resolving specific features now depends on FP status. * While resolving features, if any required features depend on a missing FP, the requestSession call will fail with a "NotSupportedError" * While resolving features, if any optional features depend on a missing FP, those features will be silently ignored. * devicechange events will not fire for documents that do not have FP set. Bug:1003842 Change-Id: Ie9ae16b5c1d863b730e556b511c024bae8a4503c
chromium-wpt-export-bot
pushed a commit
to web-platform-tests/wpt
that referenced
this pull request
Sep 30, 2019
As a result of TPAC there were some spec changes to the xr feature policy (FP). These were made in: immersive-web/webxr#842 The following changes were needed to become spec compliant: * rename FP from "xr" to "xr-spatial-tracking" * supportsSession always resolves for "inline" * supportsSession rejects for immersive-vr with a SecurityError if FP not set * default features per mode are now required features for that mode * requestSession does not unconditionally reject if FP is not set, instead resolving specific features now depends on FP status. * While resolving features, if any required features depend on a missing FP, the requestSession call will fail with a "NotSupportedError" * While resolving features, if any optional features depend on a missing FP, those features will be silently ignored. * devicechange events will not fire for documents that do not have FP set. Bug:1003842 Change-Id: Ie9ae16b5c1d863b730e556b511c024bae8a4503c
chromium-wpt-export-bot
pushed a commit
to web-platform-tests/wpt
that referenced
this pull request
Oct 1, 2019
As a result of TPAC there were some spec changes to the xr feature policy (FP). These were made in: immersive-web/webxr#842 The following changes were needed to become spec compliant: * rename FP from "xr" to "xr-spatial-tracking" * supportsSession always resolves for "inline" * supportsSession rejects for immersive-vr with a SecurityError if FP not set * default features per mode are now required features for that mode * requestSession does not unconditionally reject if FP is not set, instead resolving specific features now depends on FP status. * While resolving features, if any required features depend on a missing FP, the requestSession call will fail with a "NotSupportedError" * While resolving features, if any optional features depend on a missing FP, those features will be silently ignored. * devicechange events will not fire for documents that do not have FP set. Bug:1003842 Change-Id: Ie9ae16b5c1d863b730e556b511c024bae8a4503c
aarongable
pushed a commit
to chromium/chromium
that referenced
this pull request
Oct 1, 2019
As a result of TPAC there were some spec changes to the xr feature policy (FP). These were made in: immersive-web/webxr#842 The following changes were needed to become spec compliant: * rename FP from "xr" to "xr-spatial-tracking" * supportsSession always resolves for "inline" * supportsSession rejects for immersive-vr with a SecurityError if FP not set * default features per mode are now required features for that mode * requestSession does not unconditionally reject if FP is not set, instead resolving specific features now depends on FP status. * While resolving features, if any required features depend on a missing FP, the requestSession call will fail with a "NotSupportedError" * While resolving features, if any optional features depend on a missing FP, those features will be silently ignored. * devicechange events will not fire for documents that do not have FP set. Bug: 1003842 Change-Id: Ie9ae16b5c1d863b730e556b511c024bae8a4503c Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1808800 Commit-Queue: Alexander Cooper <alcooper@chromium.org> Reviewed-by: Brandon Jones <bajones@chromium.org> Reviewed-by: Ian Clelland <iclelland@chromium.org> Reviewed-by: Jacob DeWitt <jacde@chromium.org> Auto-Submit: Alexander Cooper <alcooper@chromium.org> Cr-Commit-Position: refs/heads/master@{#701740}
chromium-wpt-export-bot
pushed a commit
to web-platform-tests/wpt
that referenced
this pull request
Oct 1, 2019
As a result of TPAC there were some spec changes to the xr feature policy (FP). These were made in: immersive-web/webxr#842 The following changes were needed to become spec compliant: * rename FP from "xr" to "xr-spatial-tracking" * supportsSession always resolves for "inline" * supportsSession rejects for immersive-vr with a SecurityError if FP not set * default features per mode are now required features for that mode * requestSession does not unconditionally reject if FP is not set, instead resolving specific features now depends on FP status. * While resolving features, if any required features depend on a missing FP, the requestSession call will fail with a "NotSupportedError" * While resolving features, if any optional features depend on a missing FP, those features will be silently ignored. * devicechange events will not fire for documents that do not have FP set. Bug: 1003842 Change-Id: Ie9ae16b5c1d863b730e556b511c024bae8a4503c Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1808800 Commit-Queue: Alexander Cooper <alcooper@chromium.org> Reviewed-by: Brandon Jones <bajones@chromium.org> Reviewed-by: Ian Clelland <iclelland@chromium.org> Reviewed-by: Jacob DeWitt <jacde@chromium.org> Auto-Submit: Alexander Cooper <alcooper@chromium.org> Cr-Commit-Position: refs/heads/master@{#701740}
chromium-wpt-export-bot
pushed a commit
to web-platform-tests/wpt
that referenced
this pull request
Oct 1, 2019
As a result of TPAC there were some spec changes to the xr feature policy (FP). These were made in: immersive-web/webxr#842 The following changes were needed to become spec compliant: * rename FP from "xr" to "xr-spatial-tracking" * supportsSession always resolves for "inline" * supportsSession rejects for immersive-vr with a SecurityError if FP not set * default features per mode are now required features for that mode * requestSession does not unconditionally reject if FP is not set, instead resolving specific features now depends on FP status. * While resolving features, if any required features depend on a missing FP, the requestSession call will fail with a "NotSupportedError" * While resolving features, if any optional features depend on a missing FP, those features will be silently ignored. * devicechange events will not fire for documents that do not have FP set. Bug: 1003842 Change-Id: Ie9ae16b5c1d863b730e556b511c024bae8a4503c Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1808800 Commit-Queue: Alexander Cooper <alcooper@chromium.org> Reviewed-by: Brandon Jones <bajones@chromium.org> Reviewed-by: Ian Clelland <iclelland@chromium.org> Reviewed-by: Jacob DeWitt <jacde@chromium.org> Auto-Submit: Alexander Cooper <alcooper@chromium.org> Cr-Commit-Position: refs/heads/master@{#701740}
moz-v2v-gh
pushed a commit
to mozilla/gecko-dev
that referenced
this pull request
Oct 14, 2019
…or to match spec, a=testonly Automatic update from web-platform-tests Update xr feature policy name and behavior to match spec As a result of TPAC there were some spec changes to the xr feature policy (FP). These were made in: immersive-web/webxr#842 The following changes were needed to become spec compliant: * rename FP from "xr" to "xr-spatial-tracking" * supportsSession always resolves for "inline" * supportsSession rejects for immersive-vr with a SecurityError if FP not set * default features per mode are now required features for that mode * requestSession does not unconditionally reject if FP is not set, instead resolving specific features now depends on FP status. * While resolving features, if any required features depend on a missing FP, the requestSession call will fail with a "NotSupportedError" * While resolving features, if any optional features depend on a missing FP, those features will be silently ignored. * devicechange events will not fire for documents that do not have FP set. Bug: 1003842 Change-Id: Ie9ae16b5c1d863b730e556b511c024bae8a4503c Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1808800 Commit-Queue: Alexander Cooper <alcooper@chromium.org> Reviewed-by: Brandon Jones <bajones@chromium.org> Reviewed-by: Ian Clelland <iclelland@chromium.org> Reviewed-by: Jacob DeWitt <jacde@chromium.org> Auto-Submit: Alexander Cooper <alcooper@chromium.org> Cr-Commit-Position: refs/heads/master@{#701740} -- wpt-commits: dc17f8c8e3372dd30ce98d542874843f87726e8e wpt-pr: 19119
xeonchen
pushed a commit
to xeonchen/gecko
that referenced
this pull request
Oct 14, 2019
…or to match spec, a=testonly Automatic update from web-platform-tests Update xr feature policy name and behavior to match spec As a result of TPAC there were some spec changes to the xr feature policy (FP). These were made in: immersive-web/webxr#842 The following changes were needed to become spec compliant: * rename FP from "xr" to "xr-spatial-tracking" * supportsSession always resolves for "inline" * supportsSession rejects for immersive-vr with a SecurityError if FP not set * default features per mode are now required features for that mode * requestSession does not unconditionally reject if FP is not set, instead resolving specific features now depends on FP status. * While resolving features, if any required features depend on a missing FP, the requestSession call will fail with a "NotSupportedError" * While resolving features, if any optional features depend on a missing FP, those features will be silently ignored. * devicechange events will not fire for documents that do not have FP set. Bug: 1003842 Change-Id: Ie9ae16b5c1d863b730e556b511c024bae8a4503c Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1808800 Commit-Queue: Alexander Cooper <alcooper@chromium.org> Reviewed-by: Brandon Jones <bajones@chromium.org> Reviewed-by: Ian Clelland <iclelland@chromium.org> Reviewed-by: Jacob DeWitt <jacde@chromium.org> Auto-Submit: Alexander Cooper <alcooper@chromium.org> Cr-Commit-Position: refs/heads/master@{#701740} -- wpt-commits: dc17f8c8e3372dd30ce98d542874843f87726e8e wpt-pr: 19119
gecko-dev-updater
pushed a commit
to marco-c/gecko-dev-comments-removed
that referenced
this pull request
Oct 16, 2019
…or to match spec, a=testonly Automatic update from web-platform-tests Update xr feature policy name and behavior to match spec As a result of TPAC there were some spec changes to the xr feature policy (FP). These were made in: immersive-web/webxr#842 The following changes were needed to become spec compliant: * rename FP from "xr" to "xr-spatial-tracking" * supportsSession always resolves for "inline" * supportsSession rejects for immersive-vr with a SecurityError if FP not set * default features per mode are now required features for that mode * requestSession does not unconditionally reject if FP is not set, instead resolving specific features now depends on FP status. * While resolving features, if any required features depend on a missing FP, the requestSession call will fail with a "NotSupportedError" * While resolving features, if any optional features depend on a missing FP, those features will be silently ignored. * devicechange events will not fire for documents that do not have FP set. Bug: 1003842 Change-Id: Ie9ae16b5c1d863b730e556b511c024bae8a4503c Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1808800 Commit-Queue: Alexander Cooper <alcooperchromium.org> Reviewed-by: Brandon Jones <bajoneschromium.org> Reviewed-by: Ian Clelland <iclellandchromium.org> Reviewed-by: Jacob DeWitt <jacdechromium.org> Auto-Submit: Alexander Cooper <alcooperchromium.org> Cr-Commit-Position: refs/heads/master{#701740} -- wpt-commits: dc17f8c8e3372dd30ce98d542874843f87726e8e wpt-pr: 19119 UltraBlame original commit: 0d34ec0cb3b41dbc57243f1ebc1e77a840bba80e
gecko-dev-updater
pushed a commit
to marco-c/gecko-dev-wordified-and-comments-removed
that referenced
this pull request
Oct 16, 2019
…or to match spec, a=testonly Automatic update from web-platform-tests Update xr feature policy name and behavior to match spec As a result of TPAC there were some spec changes to the xr feature policy (FP). These were made in: immersive-web/webxr#842 The following changes were needed to become spec compliant: * rename FP from "xr" to "xr-spatial-tracking" * supportsSession always resolves for "inline" * supportsSession rejects for immersive-vr with a SecurityError if FP not set * default features per mode are now required features for that mode * requestSession does not unconditionally reject if FP is not set, instead resolving specific features now depends on FP status. * While resolving features, if any required features depend on a missing FP, the requestSession call will fail with a "NotSupportedError" * While resolving features, if any optional features depend on a missing FP, those features will be silently ignored. * devicechange events will not fire for documents that do not have FP set. Bug: 1003842 Change-Id: Ie9ae16b5c1d863b730e556b511c024bae8a4503c Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1808800 Commit-Queue: Alexander Cooper <alcooperchromium.org> Reviewed-by: Brandon Jones <bajoneschromium.org> Reviewed-by: Ian Clelland <iclellandchromium.org> Reviewed-by: Jacob DeWitt <jacdechromium.org> Auto-Submit: Alexander Cooper <alcooperchromium.org> Cr-Commit-Position: refs/heads/master{#701740} -- wpt-commits: dc17f8c8e3372dd30ce98d542874843f87726e8e wpt-pr: 19119 UltraBlame original commit: 0d34ec0cb3b41dbc57243f1ebc1e77a840bba80e
gecko-dev-updater
pushed a commit
to marco-c/gecko-dev-wordified
that referenced
this pull request
Oct 16, 2019
…or to match spec, a=testonly Automatic update from web-platform-tests Update xr feature policy name and behavior to match spec As a result of TPAC there were some spec changes to the xr feature policy (FP). These were made in: immersive-web/webxr#842 The following changes were needed to become spec compliant: * rename FP from "xr" to "xr-spatial-tracking" * supportsSession always resolves for "inline" * supportsSession rejects for immersive-vr with a SecurityError if FP not set * default features per mode are now required features for that mode * requestSession does not unconditionally reject if FP is not set, instead resolving specific features now depends on FP status. * While resolving features, if any required features depend on a missing FP, the requestSession call will fail with a "NotSupportedError" * While resolving features, if any optional features depend on a missing FP, those features will be silently ignored. * devicechange events will not fire for documents that do not have FP set. Bug: 1003842 Change-Id: Ie9ae16b5c1d863b730e556b511c024bae8a4503c Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1808800 Commit-Queue: Alexander Cooper <alcooperchromium.org> Reviewed-by: Brandon Jones <bajoneschromium.org> Reviewed-by: Ian Clelland <iclellandchromium.org> Reviewed-by: Jacob DeWitt <jacdechromium.org> Auto-Submit: Alexander Cooper <alcooperchromium.org> Cr-Commit-Position: refs/heads/master{#701740} -- wpt-commits: dc17f8c8e3372dd30ce98d542874843f87726e8e wpt-pr: 19119 UltraBlame original commit: 0d34ec0cb3b41dbc57243f1ebc1e77a840bba80e
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Not intended for merge until discussed at the TPAC /facetoface
Would fix #823 if the working group agreed to the suggested behavioral change from that issue. For a broader look at the editors proposed approach to Feature Policy handling within the Immersive Web APIs, please see https://docs.google.com/document/d/1RZTL69JsTxoJUyXNnu_2v0PPILqrDpYW3ZxDjMAqQ-M/edit?usp=sharing, which will also be discussed at the face to face.