Hi, On Thu, Aug 20, 2020 at 8:51 AM Domenic Denicola <d@domenic.me> wrote:
Hello webkit-dev,
I've been working on a new header called Origin-Isolation, which is a way of allowing origins to opt-out of using document.domain and cross-origin sharing of WebAssembly.Module, and thus allowing the browser to put them into an origin-keyed agent cluster instead of a site-keyed one. This could in turn allow the browser to make better behind-the-scenes decisions for process isolation, or other resource allocation decisions, since sites no longer have any ways to synchronously communicate cross-origin.
We haven't had a chance to fully review the proposal but we didn't find anything we'd immediately object to. It seems like a reasonable idea. I feel like I saw some discussions of also differentiating based on protocol (treating http://webkit.org and https://webkit.org differently). Do you know you've already had such a discussion and if so what the outcome of that discussion was? - R. Niwa