CDD: Add requirement about multi-process WebView.

- Improve security and stability for third party apps
 that use WebView in the multi-process.

Bug: 32813129
Change-Id: Ifaac72a3b2b20e0c0f041bd54308cefa8df245e0

1 files changed, 12 insertions, 0 deletions

diff --git a/3_software/3_4_web-compatibility.md b/3_software/3_4_web-compatibility.md
index 07468413..0deaa467 100644
--- a/3_software/3_4_web-compatibility.md
+++ b/3_software/3_4_web-compatibility.md
@@ -32,6 +32,18 @@ If device implementations provide a complete implementation of the
      possible and if it supports the feature SHOULD conform to the
      [HTML5 specification](http://html.spec.whatwg.org/multipage/).
 
+*    [C-1-3] MUST render the provided content or remote URL content in a process
+     that is distinct from the application that instantiates the WebView. Specifically
+     the separate renderer process MUST hold lower privilege, run
+     as a separate user ID, have no access to the app's data directory,
+     have no direct network access, and only have access to the minimum-required
+     system services over Binder. The AOSP implementation of WebView meets
+     this requirement.
+
+Note that if device implementations are 32-bit or declare the feature flag
+`android.hardware.ram.low`, they are exempted from C-1-3.
+
+
 ### 3.4.2\. Browser Compatibility
 
 If device implementations include a standalone Browser application for general