惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Google DeepMind News
Google DeepMind News
C
CERT Recently Published Vulnerability Notes
C
Cisco Blogs
Cloudbric
Cloudbric
The Last Watchdog
The Last Watchdog
L
LINUX DO - 热门话题
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Application and Cybersecurity Blog
Application and Cybersecurity Blog
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
Security Archives - TechRepublic
Security Archives - TechRepublic
TaoSecurity Blog
TaoSecurity Blog
V2EX - 技术
V2EX - 技术
H
Heimdal Security Blog
S
Security Affairs
L
Lohrmann on Cybersecurity
Hacker News - Newest:
Hacker News - Newest: "LLM"
Simon Willison's Weblog
Simon Willison's Weblog
WordPress大学
WordPress大学
小众软件
小众软件
Security Latest
Security Latest
AWS News Blog
AWS News Blog
Apple Machine Learning Research
Apple Machine Learning Research
GbyAI
GbyAI
Engineering at Meta
Engineering at Meta
阮一峰的网络日志
阮一峰的网络日志
罗磊的独立博客
F
Full Disclosure
S
Schneier on Security
L
LangChain Blog
MyScale Blog
MyScale Blog
Know Your Adversary
Know Your Adversary
P
Privacy International News Feed
Google Online Security Blog
Google Online Security Blog
Scott Helme
Scott Helme
Stack Overflow Blog
Stack Overflow Blog
爱范儿
爱范儿
A
Arctic Wolf
Martin Fowler
Martin Fowler
B
Blog RSS Feed
大猫的无限游戏
大猫的无限游戏
博客园 - 三生石上(FineUI控件)
The Register - Security
The Register - Security
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
博客园_首页
Latest news
Latest news
F
Fortinet All Blogs
G
GRAHAM CLULEY
T
The Exploit Database - CXSecurity.com
Hacker News: Ask HN
Hacker News: Ask HN

Recent Commits to web-share:main

Merge pull request #289 from siusin/main · w3c/web-share@e871726 update the editor list · w3c/web-share@a296150 Editorial: fix typos and markup · w3c/web-share@3faf529 Editorial: fix typo (#283) · w3c/web-share@bc1468c Merge pull request #277 from w3c/WebShare-rec · w3c/web-share@0b15b86 chore: prepare for REC · w3c/web-share@aa811f9 chore: fix wrong pass rate · w3c/web-share@e441b96 chore: remove explanation of failures col · w3c/web-share@f511e0b chore: move disabled-by-permissions-policy.https.sub.html to excluded… · w3c/web-share@6681897 chore: tidy · w3c/web-share@0eaf73c Editorial: note canShare is not future compatible (#273) · w3c/web-share@7f78426 Editorial: add static implementation report (#274) · w3c/web-share@0a7a70c Editorial: fix IDL linking · w3c/web-share@35980bb Editorial: explain Changelog · w3c/web-share@c4b6677 chore: clean up changelog · w3c/web-share@aa0cb86 chore: tidy · w3c/web-share@8a04511 Editorial: improve a11y guidelines for share sheet (#270) · w3c/web-share@49300de Editorial: thank wide review groups in acknowledgements (#269) · w3c/web-share@783e54b Editorial: switch to 'terminate this algorithm' (#268) · w3c/web-share@5c9977c
Make Permissions-Policy HTTP header OPTIONAL (#275) · w3c/web-share@d0ea0fe
marcoscacere · 2023-03-01 · via Recent Commits to web-share:main
Original file line numberDiff line numberDiff line change

@@ -716,6 +716,10 @@ <h2>

716716

allowlist/'self'=], which means third-party contexts are not [=allowed

717717

to use=] the API by default.

718718

</p>

719+

<p>

720+

It is OPTIONAL for user agents to support

721+

[[[PERMISSIONS-POLICY]]]'s `Permissions-Policy` HTTP header.

722+

</p>

719723

<p>

720724

Developers can use the means afforded by the [[[permissions-policy]]]

721725

specification to control if and when a third-party context is [=allowed

@@ -725,7 +729,7 @@ <h2>

725729

<p>

726730

Although user agents are unified in preventing the Web Share API from

727731

being used in third-party context, at the time of publication there

728-

are interoperability with relying on the [[[Permissions-Policy]]] to

732+

are interoperability issues with relying on the [[[Permissions-Policy]]] to

729733

enable the API in third-party contexts. In particular, although

730734

the[^iframe/allow^] attribute is widely supported, the updated syntax

731735

for the [^iframe/allow^] attribute is not. Similarly, the

@@ -734,6 +738,11 @@ <h2>

734738

[[[Permissions-Policy]]] specification before relying on it to enable

735739

the Web Share API in third-party contexts.

736740

</p>

741+

<p>

742+

When the `Permissions-Policy` HTTP header is more widely supported,

743+

the Working Group expects to revise this specification

744+

to require support for the header.

745+

</p>

737746

</aside>

738747

</section>

739748

<section class="informative" id="a11y">