Consider dropping support for legacy referrer policies |
||
Issue descriptionRight now the kReferrerPolicySupportLegacyKeywords enum member is used in a number of places that presumably took advantage of the referrer policy spec when it was first introduced. This allows for the support of legacy referrer policy keywords in weborigin/security_policy [1]. I'm updating the script element and script fetching in general to support referrer policies. For this, I'm not supporting legacy keywords (using the other enum member to indicate this), and neither do many other things that support referrer policy that have been added of late. I'm wondering if we could possibly, or if there are any plans to, remove the support for the legacy keywords update some of the older element and fetching code that uses legacy referrer policy keywords to no longer support these. Seems worth at least collecting data on and seeing if it might be safe to remove? [1]: https://cs.chromium.org/chromium/src/third_party/blink/renderer/platform/weborigin/security_policy.h?l=44
,
May 18 2018
Sounds, good, once this gets some more triage attention I'm happy to own it if that is alright with estark@, and submit necessary CLs etc.
,
Jun 13 2018
I think it's worth getting some data on this, but I think we should be conservative about dropping support -- any existing uses of the legacy keywords will become privacy leaks if we stop supporting them.
,
Jun 14 2018
Makes sense to me. I have yet to collect data but I’ll report back once I do, thanks. |
||
►
Sign in to add a comment |
||
Comment 1 by ellyjo...@chromium.org
, May 18 2018Owner: est...@chromium.org
Status: Assigned (was: Unconfirmed)