Security/Iframe Sandbox allow-popups
Status
| allow-popups (part of iframe sandbox) | |
| Stage | Shipped |
| Status | Complete |
| Release target | Firefox 27 |
| Health | OK |
| Status note | ` |
{{#set:Feature name=allow-popups (part of iframe sandbox)
|Feature stage=Shipped |Feature status=Complete |Feature version=Firefox 27 |Feature health=OK |Feature status note=` }}
Team
| Product manager | Sid Stamm |
| Directly Responsible Individual | Bob Owen |
| Lead engineer | Bob Owen |
| Security lead | Sid Stamm |
| Privacy lead | ` |
| Localization lead | ` |
| Accessibility lead | ` |
| QA lead | ` |
| UX lead | ` |
| Product marketing lead | ` |
| Operations lead | ` |
| Additional members | Ian Melven (can mentor) |
{{#set:Feature product manager=Sid Stamm
|Feature feature manager=Bob Owen |Feature lead engineer=Bob Owen |Feature security lead=Sid Stamm |Feature privacy lead=` |Feature localization lead=` |Feature accessibility lead=` |Feature qa lead=` |Feature ux lead=` |Feature product marketing lead=` |Feature operations lead=` |Feature additional members=Ian Melven (can mentor) }}
Open issues/risks
| ID | Summary | Status |
|---|---|---|
| 939642 | Intermittent test_iframe_sandbox_popups_inheritance.html | Test timed out (and more) | NEW |
1 Total; 1 Open (100%); 0 Resolved (0%); 0 Verified (0%);
Stage 1: Definition
1. Feature overview
Using the iframe sandbox plumbing, developers want the ability to let an iframe cause popups.
W3C working group change proposal
See bug 766282#c1
2. Users & use cases
From the w3 change proposal: "As a simple example, consider hosting a maps control in a page. The maps control is hosted from another domain and outside the hosting author’s control. Such a mash-up is a perfect use case for HTML5 Sandbox. However, many of these types of controls include links that are targeted to open in a new browsing context. There is an example of such a scenario at the IE Test Drive site (requires an HTML5 Sandbox supporting browser, such as IE10 Platform Preview 2, Chrome, or Safari)."
3. Dependencies
`
4. Requirements
`
Non-goals
`
Stage 2: Design
5. Functional specification
`
6. User experience design
`
Stage 3: Planning
7. Implementation plan
`
8. Reviews
Security review
`
Privacy review
`
Localization review
`
Accessibility
`
Quality Assurance review
`
Operations review
`
Stage 4: Development
9. Implementation
`
Stage 5: Release
10. Landing criteria
`
{{#set:Feature open issues and risks=
| ID | Summary | Status |
|---|---|---|
| 939642 | Intermittent test_iframe_sandbox_popups_inheritance.html | Test timed out (and more) | NEW |
1 Total; 1 Open (100%); 0 Resolved (0%); 0 Verified (0%);
|Feature overview=Using the iframe sandbox plumbing, developers want the ability to let an iframe cause popups.
W3C working group change proposal
See bug 766282#c1 |Feature users and use cases=From the w3 change proposal: "As a simple example, consider hosting a maps control in a page. The maps control is hosted from another domain and outside the hosting author’s control. Such a mash-up is a perfect use case for HTML5 Sandbox. However, many of these types of controls include links that are targeted to open in a new browsing context. There is an example of such a scenario at the IE Test Drive site (requires an HTML5 Sandbox supporting browser, such as IE10 Platform Preview 2, Chrome, or Safari)." |Feature dependencies=` |Feature requirements=` |Feature non-goals=` |Feature functional spec=` |Feature ux design=` |Feature implementation plan=` |Feature security review=` |Feature privacy review=` |Feature localization review=` |Feature accessibility review=` |Feature qa review=` |Feature operations review=` |Feature implementation notes=` |Feature landing criteria=` }}
Feature details
| Priority | P3 |
| Rank | 999 |
| Theme / Goal | Web Hardening |
| Roadmap | Security |
| Secondary roadmap | ` |
| Feature list | ` |
| Project | ` |
| Engineering team | ` |
{{#set:Feature priority=P3
|Feature rank=999 |Feature theme=Web Hardening |Feature roadmap=Security |Feature secondary roadmap=` |Feature list=` |Feature project=` |Feature engineering team=` }}
Team status notes
| status | notes | |
| Products | ` | ` |
| Engineering | ` | ` |
| Security | ` | ` |
| Privacy | ` | ` |
| Localization | ` | ` |
| Accessibility | ` | ` |
| Quality assurance | ` | ` |
| User experience | ` | ` |
| Product marketing | ` | ` |
| Operations | ` | ` |
{{#set:Feature products status=`
|Feature products notes=` |Feature engineering status=` |Feature engineering notes=` |Feature security status=` |Feature security health=` |Feature security notes=` |Feature privacy status=` |Feature privacy notes=` |Feature localization status=` |Feature localization notes=` |Feature accessibility status=` |Feature accessibility notes=` |Feature qa status=` |Feature qa notes=` |Feature ux status=` |Feature ux notes=` |Feature product marketing status=` |Feature product marketing notes=` |Feature operations status=` |Feature operations notes=` }}