On 11/15/18 4:17 PM, Andrea Marchesini wrote:
I think we should implement this API for these reasons:
OK. I guess we should keep an eye on the privacy implications, but
otherwise probably fine to go ahead.
-Boris
___
dev-platform mailing list
dev-
I think there is value in supporting this API, both for web developers and
for us (e.g. in order to help us deprecate and remove APIs more easily). I
go back and forth on the question of the privacy impact of the API, since
the fact that the reports are exposed both to JS and HTTP layers means tha
There is a proposal to support "report-only" violations for feature policy:
https://github.com/WICG/feature-policy/blob/824de86f89599240c24b5ae3cd58d25984446af5/reporting.md
I think we should implement this API for these reasons:
a. it unifies the reporting of violations and interventions. At the
On 11/15/18 9:52 AM, Ehsan Akhgari wrote:
The idea is to use Feature Policy in report-only mode
There is no report-only mode in the Feature Policy spec, nor in our
implementation. See the note at the end of
https://wicg.github.io/feature-policy/#reporting
So I'm back to my question: is thi
On Wed, Nov 14, 2018 at 11:20 AM Boris Zbarsky wrote:
> On 11/13/18 4:33 AM, Andrea Marchesini wrote:
> > I decided to implement this API, because it is required in the
> > web-platform-tests for FeaturePolicy.
>
> Is it needed for any other reason? If not, this seems like a bug in the
> tests:
On Wed, Nov 14, 2018 at 10:58 AM Tom Ritter wrote:
> On Wed, Nov 14, 2018 at 3:17 PM Ehsan Akhgari
> wrote:
> > What are your plans with regards to implementing the second part? Can
> > these reports be sent cross-origin? (From the spec, it seems like the
> > answer is yes.) If so, how are yo
On 11/13/18 10:33 AM, Andrea Marchesini wrote:
*Summary*: Reporting API allows the page to receive notifications such as
the usage of deprecated APIs and FeaturePolicy violations.
I decided to implement this API, because it is required in the
web-platform-tests for FeaturePolicy.
Reporting API c
> Is it needed for any other reason? If not, this seems like a bug in the
> tests: they should not be coupling the two specs together.
>
Well, in this way, these 2 APIs can test each other: we could use
deprecated APIs to check ReportingObserver notifications, but there is not
a common set of dep
On 11/13/18 4:33 AM, Andrea Marchesini wrote:
I decided to implement this API, because it is required in the
web-platform-tests for FeaturePolicy.
Is it needed for any other reason? If not, this seems like a bug in the
tests: they should not be coupling the two specs together.
-Boris
__
On Wed, Nov 14, 2018 at 3:17 PM Ehsan Akhgari wrote:
> What are your plans with regards to implementing the second part? Can
> these reports be sent cross-origin? (From the spec, it seems like the
> answer is yes.) If so, how are you planning to handle issues such as
> sending these reports to
On Tue, Nov 13, 2018 at 4:33 AM Andrea Marchesini
wrote:
> Reporting API covers 2 different features:
> a. reporting to the current page, via ReportingObserver
> b. reporting to a remote server, known via 'report-to' HTTP header.
> My implementation covers only the first aspect. However I also ha
*Summary*: Reporting API allows the page to receive notifications such as
the usage of deprecated APIs and FeaturePolicy violations.
I decided to implement this API, because it is required in the
web-platform-tests for FeaturePolicy.
Reporting API covers 2 different features:
a. reporting to the c
12 matches
Mail list logo
