Overall review of features which enable/disable subframe or subresource capabilities

[hober]

We're concerned with the large number of features used to constrain/grant access to capabilities in subframes/subresources. The large number of related, yet distinct knobs, and the different kind of knobs, makes it challenging for authors to do the right thing.

We hope that a review of all of these mechanisms may identify areas where simplification or consolidation could occur while still enabling all necessary use cases. We also hope this review will result in related changes to the Web Platform Design Principles document, to help spec authors in the future when they consider adding yet another feature in this area.

This came up during our review of #397. Possibly-related older reviews include

• allow-top-navigation-by-user-activation #154
• Review request for Feature Policy #159
• Modeling media auto-playing as a permission? #203
• Permission Delegation #225
• HTML General Review: Browsing Contexts and Security #250
• sec-metadata #280
• User Activation API #300
• Portals #331
• Feature policy control over sandbox features #339
• Permissions policy (formerly feature policy) evolution #341
• User Activation Delegation through postMessages #347
• IFrame Execution Pausing #369
• Feature Policy: Document Policies #408
• Modal window #427
• Schemeful Same-Site #497

[dbaron]

This is closely related to w3ctag/design-principles#41.

[cynthia]

Also: w3ctag/design-principles#144

[dbaron]

@hober and @atanassov started a spreadsheet to build up information about these features in a prior breakout.