Issue metadata
Sign in to add a comment
|
Consider protocol handlers and custom search engines to be powerful features |
||||||||||||||||||||||
Issue descriptionWebsites can currently ask to install protocol handlers (notable, mailto:) or search engines (for "Tab to search" [1][2]) when users visit. For protocol handlers, the user must click on a page action indicator to approve the handler. Search engines are added automatically if the user visits a site that asks, or performs a certain search on a site [1]. Once installed, a handler allows sites to intercept links and queries that are reasonably likely to be valuable/sensitive to the user. I would like us to consider protocol handlers and custom search engines these to be powerful features [3][4] and disable the normal installation process from non-secure origins. (However, it seems okay to me to allow users to explicitly add insecure origins as handlers in settings if they want.) jww@, how do we go about defining what is a powerful feature? Should we start by measuring usage on secure vs. insecure origins? Is there an a priori process that possibly disqualifies these from being considered secure features? [1] https://www.chromium.org/tab-to-search [2] Also see 616996 (currently restricted). [3] https://www.chromium.org/Home/chromium-security/deprecating-powerful-features-on-insecure-origins [4] https://www.w3.org/TR/secure-contexts/
,
Jun 10 2016
I think this is a good idea. +mkwst
,
Jun 10 2016
Do we have any metrics about these?
,
Jun 10 2016
I also think this is a good idea. Did you want to run with this, Lucas? If so, godspeed. :)
,
Jun 10 2016
I'm adding metrics in https://codereview.chromium.org/2053343002 (Sorry Lucas. It was trivial, and I had time to kill this afternoon; I would love it if you would drive the rest!)
,
Jun 16 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/4116ecfd83c67233efa77ce355da4b3a53895141 commit 4116ecfd83c67233efa77ce355da4b3a53895141 Author: mkwst <mkwst@chromium.org> Date: Thu Jun 16 14:07:30 2016 Add use counters for secure/insecure OpenSearch links and registerProtocolHandler BUG=617003 Review-Url: https://codereview.chromium.org/2053343002 Cr-Commit-Position: refs/heads/master@{#400148} [modify] https://crrev.com/4116ecfd83c67233efa77ce355da4b3a53895141/third_party/WebKit/Source/core/dom/Document.cpp [modify] https://crrev.com/4116ecfd83c67233efa77ce355da4b3a53895141/third_party/WebKit/Source/core/frame/UseCounter.h [modify] https://crrev.com/4116ecfd83c67233efa77ce355da4b3a53895141/third_party/WebKit/Source/modules/navigatorcontentutils/NavigatorContentUtils.cpp [modify] https://crrev.com/4116ecfd83c67233efa77ce355da4b3a53895141/tools/metrics/histograms/histograms.xml
,
Jun 30 2016
,
Oct 19 2016
,
Nov 22 2016
,
Jan 11 2017
FWIW, I really think we should NOT consider search engines to be "powerful features" and restrict them. I'd like to understand better the benefits that that would be seen to provide (i think they're low). The costs of doing this are high.
,
Jan 11 2017
(See also bug 616996 comment 7.)
,
Nov 10 2017
,
Dec 1 2017
,
Feb 18 2018
|
|||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||
Comment 1 by f...@chromium.org
, Jun 3 2016