Add Restricting Document Access of Same Origin Documents (harmful)

Closes #197.
mozilla · Apr 7, 2020 · 6372755 · 6372755
1 parent 30f1adb
commit 6372755
Showing 1 changed file with 12 additions and 0 deletions.
diff --git a/activities.json b/activities.json
@@ -443,6 +443,18 @@
     "title": "Reporting API",
     "url": "https://w3c.github.io/reporting"
   },
+  {
+    "ciuName": null,
+    "description": "A way to force an embedded document and descendants (regardless of origin) into each having their own agent/event loop.",
+    "id": "documentaccess",
+    "mozBugUrl": null,
+    "mozPosition": "harmful",
+    "mozPositionDetail": "Changing control flow of cross-origin documents without their consent is not something we should expand upon (i.e., beyond what sandboxing allows) as it could enable attack vectors. Furthermore, forcing same-origin documents in the same browsing context group to be in different agents is a major architectural change and this does not offer enough advantages to make such a change.",
+    "mozPositionIssue": 197,
+    "org": "Proposal",
+    "title": "Restricting Document Access of Same Origin Documents",
+    "url": "https://github.com/dtapuska/documentaccess"
+  },
   {
     "ciuName": null,
     "description": "This document specifies an API that allows web applications to request a screen wake lock. Under the right conditions, and if allowed, the screen wake lock prevents the system from turning off a device's screen.",