Update spec.bs - make join permission imply leave permission. #847
Conversation
joinAdInterestGroup() can leave an interest group by using a duration of 0, so make a join permission imply a leave permission. Explainer has already been updated. We could alternatively make denying leave permissions override allowing join permissions, if we thought that was safer, though would have to update the explainer as well.
|
Note that going the other way would be a breaking change, while this direction will not break existing consumers. This should not reduce cross-origin security, because anything with join permissions can already effectively leave an interest group, though this will give access to clearOriginJoinedAdInterestGroups() as well, I suppose, when an origin has join permissions. That is a bit different from simply leaving IGs via join, though probably not concerningly so? I'm open to either option, just laying out potential issues here. |
|
One last thing - I'm going to hold off on implementing this in Chrome until this is signed off, since this does change behavior. |
We may need to go through some process to get approval if we want to make the change, before we can submit this PR and implemente the change. |
joinAdInterestGroup() can leave an interest group by using a duration of 0, so make a join permission imply a leave permission. Explainer has already been updated.
We could alternatively make denying leave permissions override allowing join permissions, if we thought that was safer, though would have to update the explainer as well.
Preview | Diff