TrustedAuthority
See http://www.codemud.net/~thinker/en/GinGin_CGI.py/show_id_doc/15
API for Trusted Authority
When a page accesses one or more privileged APIs, the UA creates a request object asking the Trusted Authority to authorize the access.
request
{
  APIs: ["name", "of", "APIs"],
  location: "page url", // The page being viewed
  hash: "SHA256(content of the page)",
  resources: [ // Resources being accessed by the page.
    {location: "URL of the resource 1", hash: "SHA256(content1)", executable: true},
    {location: "URL of the resource 2", hash: "SHA256(content2)", executable: false},
    {....}....]
}
response
{
  authorizeLocation: "page url",
  APIs: ["name", "of", "APIs"]
}
The Trusted Authority can authorize more APIs than requested, for performance reasons. The UA needs to redo authorization when loading more executable resources (JS code). (How about loading more non-executable resources?)
The Trusted Authority would run locally as an add-on or service page, but talk to a remote server hosted by the Trusted Authority.
function handler(request) {
  // Check the request against the remote server or the local data cache.
  checkRequestAtRemoteOrLocalDataCache(request);
  if (the request is denied) {
    return;
  }
  ...
  return {... response ...};
}
TrustedAuthority.registerAuthorizingHandler(handler);
Remove all authorized requests of given URLs.
TrustedAuthority.revokeAuthorization(["URL", "of", "pages", ....]);
Remove all authorized requests with given prefixes.
TrustedAuthority.revokePrefixAuthorization(["prefix", "paths", ...]);
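As an added example (not code from this proposal), the following shows how a UA could build the request object, cache the authority's response, and apply the re-authorization and revocation rules described above. The field names come from the request and response objects on this page; `buildRequest`, `AuthorizationCache`, `mayCall`, `needsReauthorization` and the handler passed to the constructor are hypothetical, and the code assumes Node.js for SHA-256.

```javascript
// Added example. Field names follow the request/response objects above;
// buildRequest, AuthorizationCache, mayCall and needsReauthorization are hypothetical.
const { createHash } = require("node:crypto");
const sha256 = (content) => createHash("sha256").update(content).digest("hex");

// UA side: describe the page and its resources by URL and SHA-256 digest.
function buildRequest(APIs, page, resources) {
  return {
    APIs,
    location: page.url,
    hash: sha256(page.content),
    resources: resources.map((r) => ({
      location: r.url, hash: sha256(r.content), executable: r.executable,
    })),
  };
}

class AuthorizationCache {
  constructor(handler) {
    this.handler = handler;   // the authority's authorizing handler
    this.entries = new Map(); // page URL -> { APIs, execs }
  }
  // Ask the authority. A denial or a response for another URL clears any earlier grant.
  authorize(request) {
    const response = this.handler(request);
    if (!response || response.authorizeLocation !== request.location) { this.entries.delete(request.location); return false; }
    const execs = request.resources.filter((r) => r.executable).map((r) => r.hash);
    this.entries.set(response.authorizeLocation,
      { APIs: new Set(response.APIs), execs: new Set(execs) });
    return true;
  }
  // The response may grant more APIs than requested; trust only what it lists.
  mayCall(url, api) {
    const entry = this.entries.get(url);
    return Boolean(entry) && entry.APIs.has(api);
  }
  // Executable content the grant did not cover needs a new request.
  // Assumption: non-executable resources do not (the page leaves this open).
  needsReauthorization(url, resource) {
    const entry = this.entries.get(url);
    if (!entry) return true;
    return resource.executable && !entry.execs.has(sha256(resource.content));
  }
  revokeAuthorization(urls) { urls.forEach((u) => this.entries.delete(u)); }
  revokePrefixAuthorization(prefixes) {
    for (const url of [...this.entries.keys()]) {
      if (prefixes.some((p) => url.startsWith(p))) this.entries.delete(url);
    }
  }
}
```

Because the grant is bound to content digests, a script whose bytes change after authorization is treated like a newly loaded executable resource and triggers a fresh request.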
Responsibility
Trusted Authorities are responsible for checking and making sure the page and resources are safe to use the API. A Trusted Authority may review the page and code, back up the site content for later checking, or make a contract with the site to make sure the site follows the policy made by the Trusted Authority.
Users would choose a Trusted Authority that they trust. They may pay for the service provided by the Trusted Authority, or it may be free.