diff options
author | Robert Sesek <rsesek@google.com> | 2019-03-22 16:32:30 -0400 |
---|---|---|
committer | Sachiyo Sugimoto <sachiyo@google.com> | 2019-08-23 23:47:31 +0000 |
commit | 274c35fe8fea6e33fd99a0ea89f90115e7d9ed1e (patch) | |
tree | a27a0c64bd1575a9b933b2e60aca2a55d90b4787 | |
parent | 53262058d340a683e9bf04eec1c57f8425ca7107 (diff) | |
download | platform_compatibility_cdd-274c35fe8fea6e33fd99a0ea89f90115e7d9ed1e.tar.gz platform_compatibility_cdd-274c35fe8fea6e33fd99a0ea89f90115e7d9ed1e.tar.bz2 platform_compatibility_cdd-274c35fe8fea6e33fd99a0ea89f90115e7d9ed1e.zip |
CDD: Add requirement about multi-process WebView.
- Improve security and stability for third party apps
that use WebView in the multi-process.
Bug: 32813129
Change-Id: Ifaac72a3b2b20e0c0f041bd54308cefa8df245e0
-rw-r--r-- | 3_software/3_4_web-compatibility.md | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/3_software/3_4_web-compatibility.md b/3_software/3_4_web-compatibility.md index 07468413..0deaa467 100644 --- a/3_software/3_4_web-compatibility.md +++ b/3_software/3_4_web-compatibility.md @@ -32,6 +32,18 @@ If device implementations provide a complete implementation of the possible and if it supports the feature SHOULD conform to the [HTML5 specification](http://html.spec.whatwg.org/multipage/). +* [C-1-3] MUST render the provided content or remote URL content in a process + that is distinct from the application that instantiates the WebView. Specifically + the separate renderer process MUST hold lower privilege, run + as a separate user ID, have no access to the app's data directory, + have no direct network access, and only have access to the minimum-required + system services over Binder. The AOSP implementation of WebView meets + this requirement. + +Note that if device implementations are 32-bit or declare the feature flag +`android.hardware.ram.low`, they are exempted from C-1-3. + + ### 3.4.2\. Browser Compatibility If device implementations include a standalone Browser application for general |