README.md

Anonymous iframe

Anonymous iframe gives developers a way to load documents in third party iframe using a new and ephemeral context. In return, the Cross-Origin-Embedder-Policy (COEP) embedding rules can be lifted.

This way, developers using COEP can now embed third party iframes that do not.

Documents

• The problem
• Explainer
• Alternatives considered
• Tests
• Demo
• Specification
• Security considerations
• Privacy considerations
• Self-Review Questionnaire: Security and Privacy

Contribute

You are welcome to contribute!

• Issues
• Discussion
• Pull requests

Stakeholder status / feedback

Chrome

Under development: Feature status

The WIP implementation can be tried, using the command line flags:

google-chrome-beta --enable-blink-features=AnonymousIframe --enable-features=PartitionedCookies

Check the Demo

Implementation tracker: https://crbug.com/1226469

Fill bugs, under the Blink>SecurityFeature>AnonymousIframe component.

Firefox

• Request for position: mozilla/standards-positions#628 (pending)

Safari:

• Request for position: https://lists.webkit.org/pipermail/webkit-dev/2022-April/032205.html (pending)
• Request for posiiton: WebKit/standards-positions#45 (pending)

W3C Technical Architecture Group:

• design review