Home Metrics
Login
#1: Web Animations 1.0
#2: Compositing and Blending Level 1
#3: Web Crypto API
#4: HTTP 2.0
#5: Web Audio review/feedback
#6: Push API
#7: The Screen Orientation API
#8: Network Service Discovery
#13: Web Components
#14: WebRTC
#15: JSON Feedback
#16: Custom Elements
#17: Nottingham Get Off My Lawn RFC
#18: Performance Observer Review (formerly Navigation Timing 2 concepts)
#19: Web MIDI
#20: CSS Font Loading
#21: Quota Management API
#22: Web NFC API
#23: Beacon
#24: Navigation Error Logging
#26: Shadow DOM
#28: WebRTC Identity Provider Selection
#30: Manifest spec
#31: Fullscreen
#32: Wake lock
#33: Screen orientation
#34: multipart/form-data
#35: CSS Regions
#36: WebAppSec reviews
#37: http-problem
#38: Browser Fingerprinting Document
#40: JSON Form Submission
#41: CSS Variables
#42: CSP
#43: Subresource Integrity
#45: permissions API
#47: Revise CSS regions draft based on outcome of 19-March discussion
#49: Credential Management API
#50: Upgrade Insecure Requests
#51: CSSOM View document.scrollingElement
#53: contributing.md document needed for tag reviews
#55: CSV on the Web
#56: Frame Timing API
#57: Media Capture and Streams
#59: File URI Scheme
#60: WebPush
#61: Presentation API Request for Feedback
#62: Clear Site Data
#63: Extensibility of Accessibility
#64: Cross-spec device identification & association
#66: Motion path spec
#67: Review Payments Working Group Charter
#68: Find out if the Battery Status API people need our feedback
#69: Media TF discussion
#70: requestIdleCallback
#71: CSS font-display
#72: Task Scheduling
#73: Write up the Secure Stop issue for ddorwin
#74: Unblocking the HTTPS Transitions
#75: Secure / Powerful / Features / Contexts
#76: "With Credentials" flag possibly inconsistent with web architecture
#77: Security Questionnaire
#78: Create a "advice for spec authors" page
#79: General review of Shadow DOM 2015 updates
#80: HTTP Opportunistic Security
#81: Automotive Working Group - API Refactor or Not?
#82: Feedback on Keygen
#83: Performance API review
#84: Indexed DB getAll(), openKeyCursor() and objectStoreNames
#85: Storage persistence
#86: Network Information API
#87: Review FormData additions in XHR
#88: Feedback on DOMError -> DOMException in Indexed DB
#89: Geofencing FPWD
#90: Bluetooth API Security Model
#91: Audio Output Devices API
#92: Streams General issue
#93: Review Web Annotations specs
#94: Notifications API
#95: Web Background Sync API
#96: Promise rejection tracking events
#97: Review Web Authentication spec
#98: W3C Push API - data payloads
#99: HTTP 451 Status
#100: Create a document to explain web platform async timing entry-points
#101: Privacy Mode
#102: Dated Space
#104: IntersectionObserver
#105: TV-Specific Web Subsetting
#106: WebVR
#107: ARIA
#108: WebUSB
#109: Payments Drafts Review
#110: Generic Sensor API
#111: TV Control API
#112: Question: Should spec-review discussions live inside respective spec's repository?
#113: WICG Issue on Improving AccessKey
#114: First Party Cookies
#115: Ambient Light Sensor API
#116: Filters in Canvas 2D
#117: URNbis documents
#118: relative URLs are not updated pushState()
#119: TAG Review of HTML 5.2 (previously 5.1)
#120: Performance APIs, Security and Privacy
#121: ReadableStreams (specs: Streams, Fetch)
#122: Accelerated Mobile Pages (AMP)
#123: Progressive Web Apps
#124: Review secure contexts
#125: Do we have feedback on Web Payment group's response to security & privacy questionnaire?
#126: Review of WakeLock API and suitability for overall platform requested by 31 August 2016
#127: Review origin policy.
#128: Review window.visualViewport API
#129: privacy of sensor & other exotic APIs
#130: Media Capture From DOM Element
#131: MediaStream Recorder
#132: Audio Output Device APIs
#133: MediaStream Image Capture
#134: Review Accessibility Object Model
#135: Data on the Web Best Practices
#136: A spec style/structure checklist?
#137: Disable Local Playback During Audio Sharing
#138: Timed Text Markup Language 2 (TTML2)
#139: Review Web Bluetooth
#140: Custom Paint API to CR
#141: Review OffscreenCanvas, including ImageBitmapRenderingContext
#142: Review request for Scroll Anchoring
#143: Example of usage for sittingToStandingTransform?
#144: Review OffscreenCanvas
#145: Remote Playback API
#146: PaymentRequest.canMakeActivePayment()
#147: IFrame support in web payments
#148: WebRTC Stats review
#149: MediaSession
#150: Long Task API
#151: WASM JS API review
#152: Web Payments Working Group Specifications
#153: IndexedDB 2.0 features review
#154: allow-top-navigation-by-user-activation
#155: KeyBoardEvent 'code' and 'key' spec reviews wanted
#156: Review ARIA in HTML specification (prior to CR transition)
#157: Review Screen Orientation spec prior to CR-entry
#158: Android payment app manifest
#159: Review request for Feature Policy
#160: Request for TAG review of Input Events level 1
#161: Request for TAG review of CSS Timing Functions spec
#162: Web payment method manifest
#163: Writable Streams
#164: ReadableStream pipeTo() and pipeThrough()
#165: SharedArrayBuffer + Atomics
#166: Navigation Preload for Service Worker
#167: WebAssembly Response API / Web Embedding
#168: Repo should be renamed (and templates updated) to reflect consulting role of the TAG
#169: Budget API (especially reserve() method)
#170: Web Share API
#171: Storage persistence and estimation APIs
#172: ViewportAPI naming Re-review
#173: Request for TAG review of Input events level 2
#174: HTML General Review
#176: WICG Shape Detection API
#177: Request to review First Paint Timing
#178: Serialization of natural language in data formats such as JSON [I18N]
#179: Web Share API
#180: TAG review for script type=module
#181: Consider template change to add link to WPTs for far-along specs
#182: Request to review Image Decode API
#183: Review Request for OpenType Variable Fonts Additions to CSS Fonts Module Level 4
#184: Review request for Push API
#185: Review request for WebVR
#186: Review of signature-based resource loading restrictions.
#187: Review request for ResizeObserver
#188: Review request for Server-Timing
#189: Review request for IndexedDB Observers
#190: Review request for Device Memory API
#191: Add request for links to WPT tests in issue template
#192: Request review of Keyboard Lock
#193: Request review for Scroll Boundary Behavior
#195: ReportingObserver
#196: Request review for PauseFrame API
#197: Intersection Observer review
#198: Trusted Types
#199: Gesture Delegation
#200: JavaScript module import()
#201: ads.txt
#202: Request for review: Preload
#203: Modeling media auto-playing as a permission?
#204: saveData attribute in Network Information API
#205: Web Lifecycle for system initiated Discarding & Stopping
#206: `Accept-CH` header is weird
#207: Sensor APIs
#208: import.meta.url, and import.meta generally
#210: Consider general storage observer that works for cookies
#211: Transform Streams
#212: TAG review of Web Audio API (round two)
#213: <link> rel="modulepreload"
#214: Dusting off Web Speech API?
#215: Files and Directory Entries API with webkit prefixes!
#216: Decentralized identifiers (DIDs)
#217: Web Locks API
#218: Media Capabilities
#219: CSS Selectors 4
#220: Img decoding attribute
#221: Web Share Target API
#222: Request review of (text only) Async Clipboard API
#223: TAG review for CSS Typed OM
#224: CSS Layout API
#225: Permission Delegation
#226: Picture-in-Picture (PiP)
#227: Web Components Guidelines Doc?
#228: Should WebRTC be [SecureContext]
#229: DOM
#230: CSS ::part and ::theme pseudo elements
#231: Payment Handler
#232: BCP56bis
#233: CSS Selectors 4, :focus-visible.
#234: Vehicle Information Service Specification (VISS) CR
#235: Signed Exchanges
#236: Find-in-page API(s)
#237: Changing requirements for Well-Known URIs
#238: Keyboard Map
#239: Deprecating nonsecure cookie delivery.
#240: The web platform needs a service discovery mechanism
#241: Priority Hints API
#242: HTML General Review: HTML Document and Elements
#243: HTML General Review: Structured Serialize/Deserialize
#244: HTML General Review: Custom Elements
#245: HTML General Review: HTML Linking
#246: HTML General Review: HTML Styling
#247: HTML General Review: HTML Lists
#248: HTML General Review: HTML Ruby
#249: HTML General Review: HTML Images
#250: HTML General Review: Browsing Contexts and Security
#251: HTML General Review: HTML Media
#252: HTML General Review: HTML Tables
#253: HTML General Review: HTML Forms
#254: HTML General Review: HTML Input
#255: HTML General Review: HTML Option Lists
#256: HTML General Review: HTML User Interaction
#257: HTML General Review: HTML Focus
#258: HTML General Review: HTML Scripting
#259: HTML General Review: HTML Templates
#260: HTML General Review: HTML Drawing
#261: HTML General Review: Microdata
#262: HTML General Review: Navigation and Browsing History
#263: HTML General Review: App Cache
#264: HTML General Review: HTML Utilities
#265: HTML General Review: HTML Parsing
#266: HTML General Review: HTML Timers and Timeslicing
#267: HTML General Review: Server-Sent Events
#268: HTML General Review: Web Sockets
#269: HTML General Review: Cross-Document Messaging
#270: HTML General Review: Web Workers
#271: HTML General Review: Web Storage
#272: HTML General Review: XML Infrastructure
#273: HTML General Review: HTML Obsolete Features
#274: HTML General Review: IANA Registries
#275: Request TAG review of HTML5.3
#276: Layered APIs
#277: WebUSB on Dedicated and Shared Workers
#278: Async local storage
#279: Background fetch
#280: `sec-metadata`
#281: Request review of Gamepad API
#282: TextEncoderStream and TextDecoderStream
#283: Page Lifecycle for system initiated Discarding & Freezing
#284: Notification Inline Replies
#285: Carriage of Web Resource in ISOBMFF
#286: CSS Logical Properties and Values
#287: Spatial Navigation
#288: OffscreenCanvas new commit() and DedicatedWorker.requestAnimationFrame
#289: Request.isReloadNavigation and Request.isHistoryNavigation
#290: Cookie Store API
#291: TAG review request of the CSP feature 'unsafe-hashes'
#292: Feature Policy JS introspection API
#293: Stale-While-Revalidate handling in browser
#294: TAG Review Request: queueMicrotask
#295: User Activation v2
#296: TAG Review Request: RTCIceTransport & RTCQuicTransport
#297: HTTP State Tokens
#298: Support codec and container switching with MSE using SourceBuffer.changeType()
#299: TAG review request: WebAssembly Threads
#300: User Activation API
#301: hrefTranslate attribute
#302: Canvas TextMetrics
#303: RTCQuicTransport
#304: RTCIceTransport
#305: Form Participation API
#306: CSS content-visibility property
#307: FetchEvent.resultingClientId
#308: Constructable Stylesheets
#309: Screen Capture API
#310: how to decide if workers are subresources or separate contexts
#311: Temporal proposal
#312: Base used to resolve relative URIs to absolute URIs in HTML5 data-blocks
#313: Review MathML
#314: JavaScript Decorators
#315: Wide gamut support for Canvas/OffscreenCanvas/ImageBitmap
#316: IndexedDB Transaction Explicit Commit API
#317: FetchEvent Worker Timing
#318: CSS Properties and Values API Level 1
#320: Migrating some high-entropy HTTP request headers to Client Hints.
#321: JavaScript WeakRefs
#322: Querying Encryption Scheme Support Through EME
#323: EME Extension: HDCP Policy Check
#324: Event Timing API
#325: WebRTC DSCP Control API
#326: Element Timing API for images
#328: IntersectionObserver V2
#329: imagesrcset and imagesizes attributes on link rel=preload
#330: Scroll-linked Animations
#331: Portals
#332: transferable streams
#333: Web Bluetooth Scanning
#334: HTML Modules
#335: Heads up: Verifiable Credentials review request coming shortly
#336: User Idle Detection
#337: Contact API
#338: scheduler.postTask() API
#339: Feature policy control over sandbox features
#340: Import maps
#341: Permissions policy (formerly feature policy) evolution
#342: Related Website Sets (formerly First-Party Sets)
#343: Verifiable Credentials Data Model 1.0
#344: Web Publications review
#345: Audiobooks
#346: Pointerevent extension
#347: User Activation Delegation through postMessages
#348: TAG review of whether element.pseudo(":unknown") should return null or throw
#349: CSS Animation Worklet API
#350: Async Clipboard - image/delayed content
#351: Alternative Text for CSS Generated Content
#352: Subresource prefetching+loading via Signed HTTP Exchange
#353: Backdrop Filter
#354: Design questions for Signed Exchanges
#355: Web of Things (WoT) Architecture
#356: Autoplay Detection API
#357: Web of Things (WoT) Thing Description
#358: MediaStream Image Capture API PTZ (Pan/Tilt/Zoom feature)
#359: Additional reading methods on Blob and File
#361: LazyLoad (loading= attribute)
#362: Gamepad Light Indicator extension API
#363: Add simpler reading methods to Blob interface.
#365: Storage Quota Usage Details
#366: JS Self-Profiling API
#367: Periodic Background Sync
#369: IFrame Execution Pausing
#370: WebHID API (Human Interface Device)
#371: File Handling
#372: Launch Events
#373: `SameSite=Lax` by default.
#374: Picture-in-Picture for arbitary content
#375: JSON modules
#376: Top-level await
#377: WebAssembly integration with ECMAScript modules
#378: Largest Contentful Paint
#379: Content Indexing
#380: Ability to customize virtual keyboard via enterkeyhint
#382: test issue
#383: Web Authentication Feature Detection
#384: A toggle switch control element
#385: A toast UI element
#386: JavaScript Memory API
#387: Badging API
#388: Contact Picker API
#389: WebTransport
#390: Native File System API
#391: WebOTP API
#392: Scroll To Text
#393: Layout Instability Metric
#394: WebSocketStream
#395: Element Timing API for text
#396: WebRTC-SVC (Scalable Video Coding)
#397: Same-Origin iframe document-access limiting attribute
#398: Prefetch request changes to improve privacy
#399: Font Enumeration API
#400: Font Table Access API
#401: Default accessibility semantics for custom elements
#402: @property
#403: WebXR Device API
#404: Review request: DOM Standard Review Draft
#405: CSS Modules
#406: Raw Clipboard Access API
#407: More restrictive hasEnrolledInstrument() for autofill data
#408: Feature Policy: Document Policies
#409: Rendering Independent Scroll Offsets
#410: CompressStream
#411: Marking tracking vectors
#412: Wide review request: the HTML Standard Review Draft
#413: Screen Enumeration API
#414: Trust Token API
#415: navigator.scheduling.isFramePending
#416: EditContext API
#417: Service Worker Scope Pattern Matching explainer
#418: Event-Level Click Conversion Measurement API
#419: Storage Corruption Review explainer
#420: Mixed content level 2
#421: Design questions around pay-for-what-you-use
#422: Microtransaction payment handlers
#424: Partition the HTTP cache
#425: [Payments] shipping and contact info delegation
#427: Modal window
#428: [WebComponents] Custom state pseudo class
#429: HTMLVideoElement.requestVideoFrameCallback()
#430: WebXR Gamepads Module
#431: Serial API
#432: Timed Text Markup Language (TTML2) 2nd Edition
#433: WebCodecs
#434: fetch() upload streaming
#435: Horizontal review request: Intersection Observer
#436: Get Installed Related Apps
#437: CSS contain-intrinsic-size
#438: MathML Core
#439: Autoplay Detection: async vs sync API
#440: Screen Capture API (2019)
#441: WebRTC playoutDelayHint
#442: Browser-assisted performance ablation studies
#443: HTTPS and CORS
#444: [Meta] Issue templates should ask for the organization / project on behalf of which the spec work is being done
#445: [Meta] Issue template should prominently ask for the intended target venue
#448: HTML horizontal review: Subresources and Navigation
#449: HTML horizontal review: Form controls
#450: HTML horizontal review: Agent clusters
#451: HTML horizontal review: Security
#452: HTML horizontal review: Browsing contexts
#453: HTML horizontal review: The Event Loop
#454: HTML horizontal review: Canvas
#455: HTML horizontal review: XML
#456: HTML horizontal review: CSS
#457: HTML horizontal review: Scripting
#458: HTML horizontal review: Web Components
#459: HTML horizontal review: Accessibility
#460: HTML horizontal review: Modules
#461: Web NFC
#462: WebXR Augmented Reality Module
#463: WebXR Hit Test Module
#464: Origin isolation
#465: WebRTC DSCP Control API
#466: Curve25519 in Web Cryptography
#467: Partial freezing of the User-Agent string
#468: Review the HTML spec's treatment of focus
#469: Cookie Store API
#470: WebXR DOM Overlay Module
#471: Securer Contexts
#472: Foldables CSS
#473: Delegated Ink Trail
#474: HR review of IMSC 1.2 FPWD
#475: isInputPending
#476: Personalization Semantics Explainer and Module 1
#477: Media Feeds API
#478: MiniApp URI Scheme
#479: WebXR Anchors Module
#481: Window Controls Overlay for Installed Desktop Web Apps
#482: URL Protocol Handler Registration for PWAs
#483: Scheme-bound Cookies
#484: PWA Change logs
#485: Layout Instability Shifted Element Surfacing
#486: Imperative Shadow DOM Distribution API.
#487: WebAssembly SIMD review
#488: CSS Color: lab(), lch()
#489: review HTML event loop and how things fit into it
#490: Image Resource
#491: SM series algorithms in Web Cryptography
#492: Window Segments API
#493: Data for measuring audio-video synchronization and end-to-end delay in realtime communications
#494: Declarative Shadow DOM
#495: AVIF Decode
#496: Content Indexing API
#497: Schemeful Same-Site
#498: VirtualKeyboard API - show/hide policy
#499: Review request: HTML Standard Jan 2020 Review Draft
#500: HTML Horizontal Review: the <img> element
#501: HTML Horizontal Review: User interaction, user activation, focus, tabbing, etc.
#502: HTML Horizontal Review: Windows, navigation, agents and agent clusters
#503: HTML Horizontal Review: Documents, DocumentOrShadowRoot, etc.
#504: HTML Horizontal Review: Event Loop, task queues, etc.
#505: HTML Horizontal Review: misc / reorg / cleanup
#506: Does Shortcuts need a design review?
#507: Virtual Keyboard API - boundaries of docked overlay keyboard
#509: Navigation to Unsigned Web Bundles (Web Packaging)
#510: shortcuts member of Web App Manifest
#511: Beforematch event and hidden=until-found
#512: making the "total" field optional in PaymentRequest API
#513: CSS advanced attr() function
#514: Client-side video editing (MediaBlob)
#515: CSS page-orientation descriptor
#516: Blink Shipping Process
#517: Allow audio packet rate to adapt in realtime communication.
#518: Record and Tuple ECMAScript Proposal
#519: Behavior of the "disabled" attribute for HTMLLinkElement
#520: CSS Overflow: scrollbar-gutter
#521: Scroll-linked Animations
#522: Multi-screen Window Placement features
#523: MiniApp Lifecycle
#524: MiniApp Manifest
#525: Overall review of features which enable/disable subframe or subresource capabilities
#526: CSS color-mix function
#527: Cross-origin opener policy reporting API
#528: WebXR Layers
#529: Geolocation API
#530: "display_override" field addition to the Web Manifest
#531: WebRTC Insertable Streams
#532: WebAssembly js-types API
#533: Storage Pressure Event
#534: VisibilityStateEntry
#535: Import Conditions
#536: IndexedDB putAll
#537: Pointer Events Azimuth Angle and Altitude Angle
#538: Referrer handling - default policy and capping
#539: MediaStreamTrack Content Hints
#540: Constant bitrate audio encoding with MediaRecorder
#541: jxl Content-Encoding
#542: Realms API ECMAScript Proposal
#543: Screen Wake Lock API
#544: Secure Payment Confirmation
#545: WebXR Device API
#546: Web page settings to save battery
#547: hasDroppedEntry in PerformanceObserverCallback
#548: Direct Sockets API
#549: Client Hint Reliability mechanisms
#550: WebXR Depth API
#551: Transferable Streams Spec
#552: PWAs as URL Handlers
#553: Pen Events API
#554: Web Share API review
#555: Formal Review Request for css-cascade-3
#556: Review Request - Decentralized Identifiers (DIDs) v1.0
#557: [Review Request] New CSS @font-face descriptors for overriding font metrics
#558: CAPTCHAs are horrible
#559: Review for CSS property "aspect-ratio"
#560: WebRTC Priority Control API
#561: APA Pronunciation Explainer
#562: Storage Buckets API
#563: CSS Scrollbars: scrollbar-color, scrollbar-width
#564: Deprecating `document.domain` setter.
#565: Review of CSS Sizing 3
#566: Review of NativeIO
#567: Byte Streams
#568: WebXR Hand Input API Specification
#569: Adding AbortSignal option to addEventListener
#570: Web Neural Network API
#571: Digital Goods API
#572: Private Network Access (aka CORS-RFC1918)
#573: DOM Review Draft — Published 15 June 2020
#574: WebXR Lighting Estimation
#575: Device Posture API [formerly Screen Fold API]
#576: Media Source Extensions for WebCodecs
#577: Web Authentication Level 2
#578: Require embedees to opt-in.
#579: CSS overflow: clip and overflow-clip-margin
#580: Limit allowed "accepted" extensions in File System Access API file pickers.
#581: Formal Review Request for CSS Text Level 3
#582: "credentialless" embedder policy.
#583: Review Request for CSS Color Adjust Level 1
#584: CSS Custom Highlight API Module Level 1
#585: Reporting
#586: ARIA 1.2
#587: EyeDropper API
#588: WebXR Dynamic Viewport Scaling
#589: Declarative Link Capturing
#590: Dropper color space
#591: Handwriting Recognition API
#592: Early design review of CSS Container Queries proposal
#593: Early design review of light-DOM CSS Scope proposal
#594: Early design review of modal close signals/ModalCloseWatcher
#595: SameParty cookie attribute
#596: Review request: Partitioning Network State
#597: Early design review of Cascade Layers
#598: Suggested file name and location for the File System Access API.
#599: HTMLPopupElement - <popup>
#600: Support seeking past the end of a file in the File System Access API
#601: Early design review for the FLoC API
#602: Early design review of the **updated** Multi-Screen Window Placement API
#603: MediaStreamTrack Insertable Media Processing using Streams
#604: Support WebOTP API and origin-bound one time code in cross-origin iframes
#605: App history API
#606: Managed Device Web API
#608: Media Session: video conferencing actions
#609: Early TAG design review for captureTab
#610: inert attribute
#611: Early Design Review: Speculation Rules
#612: WebCodecs (again!)
#613: Early Design Review: document.prerendering
#614: ARIA in HTML review
#615: TAG Specification review for viewport height client hint
#616: Early design review: Subresource loading with Web Bundles
#617: ModuleServiceWorker
#618: Early design review: opaque-blocklisted-never-sniffed MIME types
#619: Early design review: Sanitizer API
#620: WebXR Plane Detection Module
#621: Compute Pressure API
#622: WebID
#623: Cryptographically secure random UUIDs
#624: CSS: contain-intrinsic-size: auto, and converting to a shorthand property
#625: API for display-capturing the current tab
#626: WebGPU and WGSL
#627: CanvasRenderingContext2D API Improvements
#628: Back/Forward Cache
#629: Partitioning Storage, Service Workers, and Communication APIs
#630: Service Worker subresource filter
#631: Shared Element Transitions - Early Review
#632: User Preference Media Features Client Hints Headers
#633: JPEG XL decoding
#634: Pre CR review request of CSS Multi-column layout Level 1
#635: Find the best terminology to restrict the usage of data urls
#636: Pickling for Async Clipboard API
#637: [css-color-adjust-1] Privacy Impact of System Colors in Forced Colors Mode
#638: HTTP 103 Early Hints
#639: Anonymous iframes
#640: User-Agent Client Hints & UA Reduction
#641: Resource Timing
#642: User Timing
#643: HTMLMediaElement controlsList
#644: Performance Timeline
#645: Capture Handle Identity
#646: Canvas 2D color management
#647: scheduler.postTask()
#648: Note Taking: New Note URL field
#649: COOP same-origin-allow-popups-plus-coep
#650: Distributed Tracing WG: Baggage specification
#651: MediaStream Image Capture (wide review)
#652: WebXR Raw Camera Access API
#654: Cookies Having Independent Partitioned State (CHIPS)
#655: Capability Delegation
#656: MSE-in-Workers
#657: Pre-CR review: HTML Review Draft — Published 18 January 2021
#658: Pre-CR review: DOM Review Draft — Published 21 June 2021
#659: CSS tree-scoped at-rule names and references (for @font-face, @keyframes, etc.)
#662: Gamepad API input events
#663: Review Request for prefers-contrast media query
#664: Review of AccessHandles for the Origin Private File System
#665: review request, CSS Masking and Clipping
#666: Review Request: CSS Fonts src: descriptor syntax for client side font selection
#667: Same-origin prerendering triggered by speculationrules
#668: Add `id` member to web application manifest spec
#669: WebTransport review request
#670: InteractionID in Event Timing
#671: EME MediaKeySessionClosedReason
#672: WritableStream controller's AbortSignal
#673: CSS Display Level 3
#674: HTMLScriptElement.supports(type) method
#675: Secure Payment Confirmation - Part 2
#676: renderPriority element attribute
#677: Auto-expanding details elements
#678: Pre-CR review of CSS Cascading and Inheritance Level 5
#679: Conditional Focus (When Display-Capture Starts)
#680: HTMLPopupElement
#681: Preserve-parent-color value of forced-color-adjust CSS property
#682: State extension for JS Self-Profiling API.
#683: Web App Launch Handler
#684: EPUB 3.3
#685: Feature policy for Keyboard API
#686: Broadening the user base of WebAuthn
#687: WebAuthn minPinLength
#688: HTMLInputElement showPicker()
#689: Viewport Segments Property
#690: Foldable Device CSS Primitives
#691: "FYI" Review of new window.open() behavior
#692: Credential Management: Conditional Mediation
#693: ObservableArray, and its use by adoptedStyleSheets
#694: Modification of selection APIs to account for shadow dom
#695: `handle_links` manifest field ✨
#696: Dark mode support for web apps
#697: Review Request for adding video- prefixed media features
#702: Markup based Client Hints delegation for third-party content
#703: HIDDevice forget()
#704: Priority Hints API
#705: `prefers-reduced-data` CSS Media Query
#706: [css-values-4] The Large, Small, and Dynamic Viewport Sizes
#707: [mediaqueries-4] Range contexts
#708: [CSS-Values-4] FYI review of Allow infinity, -infinity and NaN in CSS calc()
#709: Review request before CR: CSS `selector()`
#710: Region Capture
#711: AbortSignal.timeout()
#712: Review Request for CSS Subgrid
#713: Review request for Confirmation of Action API
#714: <search> HTML element
#715: Web of Things (WoT) Thing Description 1.1: TAG and Security Review
#716: I18N String-Meta and WebIDL
#717: Navigation API (formerly app history API)
#718: FedCM (was WebID)
#719: FYI Review of CSS Fonts 4 `font-palette`and `@font-palette-values`
#720: FYI - MediaCapabilities API for WebRTC
#721: Design Review: Speculation Rules (Prefetch)
#722: Early design review: Subresource loading with Web Bundles (request for resuming #616)
#723: Review request for Protected Audience
#724: Review Request for Attribution Reporting API
#725: Early design review for Range API improvements
#726: Early design review for the Topics API
#727: Review request on `blocking=render` attribute for scripts and stylesheets
#729: Cookie Expires/Max-Age attribute upper limit
#730: Early design review: CSS Toggles
#731: Review request for CSS Variables
#732: Early design review: Focusgroup
#733: Web of Things (WoT) Discovery
#734: Element.checkVisibility review
#735: Review request for Fenced Frames
#736: Web of Things (WoT) Architecture 1.1
#737: Design review: AbortSignal.any()
#738: early design review: Permissions-Policy: unload
#739: Early design review: Back/forward cache NotRestoredReasons API
#740: CSS property object-view-box review
#741: Response.json()
#742: COEP reflection
#743: The Popover API (previously Popup)
#744: Collection of Screensharing-related UX Hints
#745: Site-initiated mirroring
#746: import.meta.resolve()
#747: Shared Storage API
#748: View Transitions API
#749: FYI review of Writable directory prompts for the File System Access API
#750: CSS Overflow for replaced elements
#751: Private Network Access (aka CORS-RFC1918) permission to relax mixed content
#752: MiniApp Manifest
#753: Review request on Render Blocking Status in Resource Timing
#754: Fetch streaming upload
#756: ContentVisibilityAutoStateChanged event
#757: Review request for HTTP Status Code in Resource Timing
#758: TAG review of Data Catalog Vocabulary (DCAT) - Version 3
#759: Web Machine Learning Model Loader API
#760: COOP: restrict-properties early review
#761: Review request: linear() easing function
#762: MiniApp Packaging
#763: Secure Payment Confirmation (heading to Candidate Recommendation)
#764: FileSystemHandle Unique ID
#765: Wildcards in Permissions Policy Origins
#766: Output Device Selection in Web Audio API: AudioContext.setSinkId()
#767: Multi-Screen Window Placement on the Web - Initiating Multi-Screen Experiences
#768: VISS (Vehicle Information Service Specification) 2 Core and VISS 2 Transport
#769: Delta review (to CR) of WebXR Augmented Reality Module
#770: Delta review (to CR) of WebXR Gamepads Module
#771: Delta review (to CR) of Web Neural Network API
#772: Sync Methods for FileSystemSyncAccessHandle in File System Access API
#773: FileSystemHandle.remove() for the File System Access API
#774: updated URI syntax for IPv6 link-local zone identifiers
#775: CORS Requirement for 3rd party sources in <model> tag
#776: Early Design Review: Pending Beacon API
#777: Requesting TAG review for Trace Context Level 2 changes
#778: TPD
#779: Cookies Having Independent Partitioned State (CHIPS) specification review
#780: Private State Tokens (formerly Trust Tokens)
#781: CSS Values and Units Level 4
#782: WebXR Device API XRSession::enabledFeatures attribute (CR Delta)
#785: Content-type in Resource Timing
#786: early design review: bfcache/prerendering eviction APIs
#787: Design and specification review of CSS Container Queries Style Features
#788: Review of IMSC-HRM
#789: UI Events Keyboard Events Key Values review request
#790: UI Events Keyboard Events Code Values review request
#791: Spec review for CSS Nesting
#794: How should web standards use the new JavaScript Symbol.dispose protocol?
#795: Compute Pressure Specification Review
#797: No-Vary-Search HTTP header
#798: Early design review: Document Picture-in-Picture
#799: Gamepad Extensions API touch input
#801: baseline-source
#802: Two changes to Secure Payment Confirmation prior to CR
#803: FedCM multi IDP support
#805: Moving local files with the File System Access API
#806: WebAuthn PRF extension
#807: Storage Access API
#808: requestStorageAccessFor
#809: WebAssembly JavaScript Promise Integration API
#810: Autoplay Policy Detection API
#811: Web Content Accessibility Guidelines (WCAG) 2.2 2023-01-30 > 2023-02-24
#812: FYI - Add optional `submitter` parameter to the `FormData` constructor
#813: FedCM Auto Re-authentication API
#814: WebAssembly Garbage Collection extensions
#815: Skip no-op service worker fetch handler
#816: CR Snapshot Review for EPUB 3.3
#818: Web of Things (WoT) Profile - Review Requested
#819: Early review for adding a new value to the standard list of `name`s for a meta tag
#820: Web Authentication: Large Blob extension
#821: Review of DPUB-ARIA 1.1 and DPUB-AAM 1.1
#822: text-wrap: balance
#823: Early design review request: IPA
#824: Display and content-visibility animations
#825: Transitions on specified discrete properties
#826: Background Blur API
#827: Early design review: scheduler.yield()
#828: Spec review for Scroll-driven Animations
#829: Entry and Exit Animations
#830: Web Bluetooth exclusionFilters option in requestDevice()
#831: Eligibility for autofill
#832: TAG review of the proposal to use the RegExp `v` flag instead of `u` for the HTML `pattern` attribute
#833: [FYI] Report Critical-CH caused restart in NavigationTiming
#834: Detect UA Transitions on Same-Document Navigations
#835: Disabling UA transitions for same-document navigations
#836: WebRTC Codec selection API
#837: WebRTC-SVC (Scalable Video Coding)
#839: FedCM: LoginHint, UserInfo, and RPContext
#840: Fullscreen Popup Windows
#841: Tabbed web apps
#842: Isolated Web Apps
#843: Web Audio API: RenderCapacity API
#845: Multiple Readers and Writers in File System Access API
#846: Private Aggregation API
#848: Specification review for CSS Anchor Positioning
#849: Incremental Font Transfer: Patch Subset
#850: Specification review request for Verifiable Credential Data Integrity
#851: Cross-document View Transitions API
#852: Borderless mode
#853: HTTPS Upgrades
#854: Bluetooth RFCOMM in Web Serial API
#855: RDF Canonicalization
#856: API for capturing all screens
#857: VC-JWT
#858: deliveryType (Resource Timing)
#859: VC JSON Schema
#860: Verifiable Credentials Data Model v2.0
#862: TAG spec review of Bounce Tracking Mitigations
#863: ServiceWorker static routing API
#864: text-wrap: pretty
#865: WebUSB exclusionFilters option in requestDevice()
#866: Exclusive accordion (<details name="">)
#867: navigateEvent.sourceElement
#868: The `FileSystemObserver` interface
#869: WebDriver BiDi
#870: oi
#871: [FYI] Clear Client Hints via Clear-Site-Data header
#872: Captured Mouse Events
#873: Portable Network Graphics (PNG), Third Edition.
#874: Verifiable Credential Status List 2021
#875: TAG review for web app `scope_extensions`
#876: content-visibility: auto forces contain-intrinsic-size: auto
#877: Tag review for Compression Dictionary Transport
#878: systemEntropy addition to PerformanceNavigationTiming
#879: Soft Navigations
#880: Extending the PointerEvent with Unique DeviceId Attribute
#881: `prefers-reduced-transparency` CSS Media Query
#883: `inverted-colors` CSS Media Query
#884: TAG review request for the IDP signin status API
#885: CSS State Container Queries
#886: Document Render-Blocking
#887: Specification Review: FetchLater API
#888: Web Install API - Same Origin
#889: Allow transferring ArrayBuffer into WebCodecs object constructors
#890: `field-sizing` CSS property
#891: The CSS `word-break: auto-phrase` property
#892: DisplayMediaStreamOptions monitorTypeSurfaces
#893: FedCM API extension: Error API, AccountAutoSelectedFlag, HostedDomain and Revocation API
#894: Relative Color Syntax (RCS)
#895: Web Audio API: User-Selectable Render Quantum Size
#896: Partitioning :visited links history
#897: Tag review request for the "Dubbing and Audio description Profiles of TTML2"
#899: Securing Verifiable Credentials using JOSE and COSE
#901: Feature detection for supported clipboard formats
#902: Observable API
#903: Side Panel
#904: Standardizing Security Semantics of Cross-Site Cookies
#905: Intersection Observer Scroll Margin
#906: Extending Storage Access API (SAA) to non-cookie storage
#907: CSS `text-spacing` property and its longhands
#908: View Transitions: list of types
#909: Permissions Policy Reporting and Report-Only mode
#910: Web Printing API
#911: Long Animation Frame API (LoAF)
#912: WebCodecs support for AV1 screen content coding tools
#913: CSS Spelling and Grammar Customization
#914: CSS ::selection Inheritance Model
#915: Animating font-palette
#916: Early Design Review: Opener Protections
#917: Adding support for High Dynamic Range (HDR) imagery to HTML Canvas
#918: @page margin boxes
#919: TAG spec review of Storage Access Heuristics
#920: Invokers API
#921: Navigation Activation Info
#922: BBS Cryptosuite v2023 Securing Verifiable Credentials with Selective Disclosure using BBS Signatures
#923: Adding a close event to MessagePort API
#924: New attribute to control UA-provided writing assistance
#925: Delayed Clipboard Rendering
#927: WAI-ARIA 1.3 FPWD
#928: DeviceOrientation Event Specification
#930: Zstandard Content-Encoding
#931: Speculation rules: target_hint field
#932: Local Peer-to-Peer API
#933: Updated review of WebNN API
#934: Gamepad Trigger Rumble Extension
#935: FedCM API extension: Button Mode and User Other Account API
#938: View Transition Classes
#939: Early TAG review request for Playout Statistics API for WebAudio
#940: JS String Builtins for WebAssembly
#941: Wide review request for Pointer Events Level 3
#942: Constructors for RTC encoded frames with custom metadata
#943: Spec review for Snap Events
#944: Importmap integrity
#945: FedCM bundle: Continuation API, account labels, custom parameters, scopes
#948: Web Translation API
#949: document.caretPositionFromPoint API in shadow DOM scenario
#950: Web Audio API: Add error reporting via AudioContext.onerror
#951: Conversion to RGB in VideoFrame.copyTo()
#952: Support Video Chapter in MediaMetadata
#955: CSS calc-size() function
#957: Add Skip-Ad media session action
#958: Timing Info for ServiceWorker static routing API
#959: Requesting review of HTML Ruby Markup Extensions
#960: Controller Documents v1.0
#961: Reference Target
#962: Captured Surface Control
#963: ServiceWorkerAutoPreload
#964: `noopener-allow-popups` value in COOP
#965: improvements to <details> styling (widget structure)
#966: Spec review for scheduler.yield()
#967: Design Review: Prioritized Task Scheduling (big picture)
#969: Compression Dictionary Transport: Align on a single Content-Encoding for the web?
#970: A layer attribute for layering of linked CSS style sheets in HTML
#971: Vibration API
#972: D
#973: Before 6 August 2023 -- Guidance on Applying WCAG 2 to Non-Web Information and Communications Technologies (WCAG2ICT) - Google Chrome - Daniel (w3.org)
#974: FedCM's IdP Registration API
#976: DOM state-preserving move
#977: Accessibility conformance Testing (ACT) Rules Format 1.1
#979: Early design review: Future browsing context group dependency hint
#980: Multiple import maps
#981: Call stacks in crash reports from unresponsive web pages
#982: Early design review: Storage Access Headers
#983: WebXR Device API (delta/aiming 2nd CRS)
#985: Realms Initialization Control
#986: Early Design Review: Lightweight FedCM
#989: Entering IPv6 Zone Identifiers in User Interfaces
#990: FYI Private State Token API Permissions Policy Default Allowlist Wildcard
#991: Writing Assistance APIs
#992: FedCM as a trust signal for the Storage Access API
#993: TAG Review for CSS Values & Units Level 5
#995: Document-Isolation-Policy
#997: [HTML] Canvas place element
#998: CSS Selectors 4; :local-link
#999: CSS Scoping; :has-slotted
#1000: Declarative CSS Modules and Declarative Shadow DOM `adoptedstylesheets` attribute
#1001: CSS view transition auto name generation
#1002: Review for CR transition of WebAssembly specifications for version 2.0 features
#1004: Early Design Review: Allowing First-Party SameSite=None Cookies in Sandboxed Contexts
#1009: Review for Protected Audiences Bidding and Auction Services API
#1012: User-defined script "entry points" for performance timing
#1013: Paint/presentation timestamps in performance APIs
#1014: Document-Policy: expect-no-linked-resources
#1015: Payment link type in HTML #1004: Early Design Review: Allowing First-Party SameSite=None Cookies in Sandboxed Contexts Visit on Github.
Discussions
OpenedOct 16, 2024
こんにちは TAG-さん!
I'm requesting a TAG review for allowing
SameSite=Nonecookies in first-party sandboxed contexts in browsers with third-party cookie (3PC) restrictions.In order to prevent malicious attacks from untrusted content, servers can include a
Content-Security-Policy: sandboxHTTP header or sandbox attribute on an embedded iframe. This policy results in the browser treating the frame as an opaque origin, and requests originating from it cannot includeSameSite=Strict/Laxcookies. However, for the purposes of 3PC blocking, the opaque origin also causes the browser to treat same-site subresource embeds on the top-level as cross-site, soSameSite=Nonecookies are also excluded from requests.To preserve legacy behavior and mitigate future breakage due to 3PC blocking, we would like to introduce a method for servers to indicate to the browser that they wish a sandboxed context to include first-party
SameSite=Nonecookies in requests using aContent-Security-Policyor HTMLiframesandboxing value:'allow-same-site-none-cookies'.Further details: