Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update spec.bs - make join permission imply leave permission. #847

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

MattMenke2
Copy link
Contributor

@MattMenke2 MattMenke2 commented Oct 9, 2023

joinAdInterestGroup() can leave an interest group by using a duration of 0, so make a join permission imply a leave permission. Explainer has already been updated.

We could alternatively make denying leave permissions override allowing join permissions, if we thought that was safer, though would have to update the explainer as well.


Preview | Diff

joinAdInterestGroup() can leave an interest group by using a duration of 0, so make a join permission imply a leave permission.  Explainer has already been updated.

We could alternatively make denying leave permissions override allowing join permissions, if we thought that was safer, though would have to update the explainer as well.
@MattMenke2
Copy link
Contributor Author

MattMenke2 commented Oct 9, 2023

Note that going the other way would be a breaking change, while this direction will not break existing consumers. This should not reduce cross-origin security, because anything with join permissions can already effectively leave an interest group, though this will give access to clearOriginJoinedAdInterestGroups() as well, I suppose, when an origin has join permissions. That is a bit different from simply leaving IGs via join, though probably not concerningly so?

I'm open to either option, just laying out potential issues here.

@MattMenke2
Copy link
Contributor Author

One last thing - I'm going to hold off on implementing this in Chrome until this is signed off, since this does change behavior.

@qingxinwu qingxinwu added the spec Relates to the spec label Oct 10, 2023
@qingxinwu
Copy link
Collaborator

One last thing - I'm going to hold off on implementing this in Chrome until this is signed off, since this does change behavior.

We may need to go through some process to get approval if we want to make the change, before we can submit this PR and implemente the change.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
spec Relates to the spec
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants