Merge pull request #924 from w3c/meeting-2025-12-04

kiaraarose · web-flow · commit d43f02e97580 · 2025-12-04T10:29:14.000-08:00
Publish minutes of 2025-12-04 meeting
diff --git a/_minutes/2025-12-04-wecg.md b/_minutes/2025-12-04-wecg.md
@@ -0,0 +1,162 @@
+# WECG Meetings 2025, Public Notes, Dec 4
+
+ * Chair: Kiara Rose
+ * Scribes: Rob Wu
+
+Time: 8 AM PST = https://everytimezone.com/?t=69322080,3c0
+Call-in details: [WebExtensions CG, 4th December 2025](https://www.w3.org/events/meetings/43e4fb8e-4736-445c-b051-2383ffeef033/20251204T080000/)
+Zoom issues? Ping @zombie (Tomislav Jovanovic) in [chat](https://github.com/w3c/webextensions/blob/main/CONTRIBUTING.md#joining-chat)
+
+
+## Agenda: [discussion in #914](https://github.com/w3c/webextensions/issues/914), [github issues](https://github.com/w3c/webextensions/issues)
+
+The meeting will start at 3 minutes after the hour.
+
+See [issue 531](https://github.com/w3c/webextensions/issues/531) for an explanation of this agenda format.
+
+ * **Announcements** (2 minutes)
+ * **Triage** (15 minutes)
+   * [Issue 915](https://github.com/w3c/webextensions/issues/915): Inconsistency: `tabs.query` behavior for permissions granted by `content_scripts.matches`
+   * [Issue 916](https://github.com/w3c/webextensions/issues/916): Sidepanel API: Behavioral inconsistencies with Chrome and Edge implementations
+   * [Issue 917](https://github.com/w3c/webextensions/issues/917): Proposal: Add `management.readOnly` permission for read-only access to management API
+   * [Issue 918](https://github.com/w3c/webextensions/issues/918): Grant time-based user activation from extension events that grant a user gesture
+   * [Issue 919](https://github.com/w3c/webextensions/issues/919): Should user gestures be curried between contexts?
+   * [Issue 920](https://github.com/w3c/webextensions/issues/920): Should extension APIs consume user activation?
+ * **Timely issues** (10 minutes)
+   * [PR 802](https://github.com/w3c/webextensions/pull/802): Add proposal for `topFrameMatches` and `excludeTopFrameMatches`
+   * [PR 885](https://github.com/w3c/webextensions/pull/885): Correct `iconVariants` and `colorSchemes` casing. Add `NotificationOptions.iconVariants`
+ * **Check-in on existing issues** (20 minutes)
+   * [Issue 449](https://github.com/w3c/webextensions/issues/449): Provide way of handling unsupported DNR rule
+
+
+## Attendees (sign yourself in)
+
+ 1. Giorgio Maone (NoScript, Tor)
+ 2. Rob Wu (Mozilla)
+ 3. Sohail Rajdev (Microsoft)
+ 4. Simeon Vincent (Mozilla)
+ 5. Tomislav Jovanovic (Mozilla)
+ 6. Patrick Kettner (Google Chrome)
+ 7. Kiara Rose (Apple)
+ 8. Carlos Jeurissen (Jeurissen Apps)
+ 9. Dave Vandyke (DuckDuckGo)
+ 10. Timothy Hatcher (Apple)
+ 11. David Johnson (Apple)
+ 12. Mukul Purohit (Microsoft)
+ 13. Jordan Spivack (Capital One)
+
+
+## Meeting notes
+
+TPAC meeting notes
+
+ * [rob] TPAC 2025 ([issue 843](https://github.com/w3c/webextensions/issues/843)) meeting notes are pending review and publication at https://github.com/w3c/webextensions/pull/923.
+
+[Issue 915](https://github.com/w3c/webextensions/issues/915): Inconsistency: `tabs.query` behavior for permissions granted by `content_scripts.matches`
+
+ * [kiara] This issue was filed by someone from Chromium.
+ * [patrick] No action item for today.
+ * [kiara] Can follow up next week.
+
+[Issue 916](https://github.com/w3c/webextensions/issues/916): Sidepanel API: Behavioral inconsistencies with Chrome and Edge implementations
+
+ * [kiara] Whether side panel should stay open.
+ * [sohail] Not sure if by design or a bug, I'll take a look.
+
+[Issue 917](https://github.com/w3c/webextensions/issues/917): Proposal: Add `management.readOnly` permission for read-only access to management API
+
+ * [kiara] Request for `management.readOnly` permission. We do not have a `management` API in Safari, but it sounds reasonable. Any input from Firefox?
+ * [tomislav] This was discussed during TPAC. Sounds reasonable. `management.getSelf()` is already available, this is just for getting the information for other extensions, right?
+ * [patrick] Yes.
+ * [patrick] Another idea is to establish a pattern for other APIs with similar read-only capabilities.
+ * [rob] I'm supportive of the `.readOnly` suffix as a pattern for read-only API permissions.
+ * [tomislav] Same.
+ * [dave] I wonder if extensions could misuse the ability to check which other extensions are installed. E.g. one extension telling the user to uninstall all their ad blockers or something.
+ * [patrick] Yes, it is the purpose of the API to expose that. Seen in the past that extensions tried to block screenshot extensions.
+ * [rob] The permission would still have a warning, just a less scary one, right?
+ * [patrick] Yes.
+ * [sohail] How would events be exposed to this API when an extension has the read only API?
+ * [patrick] Events would still be dispatched, but the extension would not be able to change things related to other extensions.
+ * [tomislav] If we don't expose events, extensions could still gather data via polling, which isn't a pattern we want to encourage.
+ * [dave] What is the purpose of allowing one extension to know which other one exists? E.g. I understand that it would be nice for a content blocker to detect other content blockers to detect potential conflicts. I see downsides too, e.g. don't want the Amazon extension to detect Bitwarden.
+ * [patrick] Doesn't change exposed information; the management API can already do that. The purpose of this is to reduce the API capabilities for those that only need read-only access. Content blockers are indeed an example of use cases that have asked for this.
+ * [timothy] Dave's concerns are the same reason why we have not implemented the `management` API in Safari. I don't expect Safari to ever allow an extension to see extensions other than those from the same developer.
+ * [patrick] Seen enterprise use cases that want to control installed extensions.
+ * [simeon] I imagine Safari to have other mechanisms to support that use case.
+ * [timothy] We do have other ways to allow administrators to force disable extensions through device management solutions.
+ * [simeon] Might be worth considering how read-only would apply to host permissions.
+ * [tomislav] For the moment we should exclude them from this concept.
+
+[Issue 918](https://github.com/w3c/webextensions/issues/918): Grant time-based user activation from extension events that grant a user gesture
+
+ * [kiara] This and next two issues are related and discussed at TPAC.
+ * [kiara] Considering time-based user interaction. Safari is supportive.
+ * [rob] Also supportive. We discussed this at TPAC and would like to improve this area.
+ * [rob] Chrome is also supportive, judging by the labels on the issue.
+
+[Issue 919](https://github.com/w3c/webextensions/issues/919): Should user gestures be curried between contexts?
+
+ * [kiara] Firefox, do you have thoughts on this?
+ * [rob] Hesitant. Currying has some concerning potential abuses. I would like to see a proposal.
+ * [tomislav] Two cases: Content script to background page, extension page to background page. One of them is an extension context, the other a page context, we may want to treat them differently. I may be in favor of extension-to-extension contexts because that is less prone to abuse. Extension could injects its own iframe in the web page, and use messaging from within that iframe to the background.
+ * [rob] Does Safari have any concerns with currying?
+ * [kiara] Currently supportive.
+ * [rob] Any hesitations around relaying gestures from content scripts to extensions? Content scripts make it very easy to capture a user gesture and degrades the quality of the signal with respect to user intent.
+ * [timothy] Valid concern. Worth being more hesitant in that direction. We currently have `permissions.request` behind a user gesture. Popping up an alert may be annoying.
+ * [rob] At TPAC we discussed propagating user interaction from an extension API event in the background to a content script. I am supportive of that with an explicit opt-in signal.
+ * [timothy] Open to an explicit signal.
+ * [rob] In that case it would be an explicit signal. Does that remove your concern about different behaviors depending on direction?
+ * [timothy] Don't think that it is worth making a difference based on direction.
+ * [rob] What is Google's position?
+ * [kiara] Chrome already does currying.
+ * [tomislav] I remember Devlin being concerned about some aspect of the current implementation.
+ * (this discussion continues in the next topic on user activation)
+
+[Issue 920](https://github.com/w3c/webextensions/issues/920): Should extension APIs consume user activation?
+
+ * [kiara] Should extension APIs consume user activation?
+ * [simeon] In short yes, but may involve complexity because with currying there is not a single place where you would consume the activation.
+ * [tomislav] In order to do this, this would require an explicit signal when currying messages. What would consume it? Being explicit about what consumes it would make it easier to document and understand what's happening.
+ * [rob] Currying is a separate discussion. On the issue Oliver expressed that Chrome wants to consume user activation, for example when `downloads.open()` is called. I am also supportive of that.
+ * [tomislav] Yes, it makes sense for methods that require a gesture to consume it.
+ * [rob] Is Safari also supportive of consuming the user activation when `permissions.request()` is called (which is the only API requiring a user gesture in your implementation)?
+ * [timothy] Yes.
+ * [simeon] Only concern I have is that there may be existing use cases that require an activation that are called in the same turn of the event loop. Perhaps we could add telemetry to help understand current usage?
+ * [sohail] Can implementing this break existing extensions?
+ * [simeon] I believe so, that's why I think we may want to add some telemetry here and assess potential impact.
+ * [tomislav] Does Chrome have many more methods that would consume? We currently have around half a dozen or so.
+ * [patrick] Don't know for sure. I feel like we have more, but not clear offhand.
+ * [simeon] Thoughts on whether we should add telemetry?
+ * [tomislav] I think we have too few for this to be a practical problem.
+ * [simeon] What about something like initiating multiple downloads?
+ * [tomislav] Hadn't considered. Good point.
+ * [rob] I expect `permissions.request()` will be the most common consumer. Since Chrome does currying, I think that they can collect the most meaningful telemetry to measure the prevalence of currying and the reliance on that.
+ * [patrick] I'm sure that we wanted it; don't know if we can prioritize it. Other examples are offscreen documents where web APIs require user activation.
+ * [simeon] I think one of the most concrete use cases (at least for my own use) is clipboard interaction. In Chrome the extension needs to fall back to the old DOM clipboard APIs.
+ * &lt;discussion resumed at the end of the meeting>
+ * [simeon] We potentially have a matrix of options .
+ * [carlos] There's also the concept of a sticky user activation.
+ * [tomislav] I don't know if we have any method that would require an activation but not consume it. Cases where that might apply, like `action.openPopup()`, are moving away from requiring it in the first place.
+ * [rob] I don't think consumption is contentious. The bigger question is how we should handle currying. `permissions.request()` seems like a case where we'd want to take proactive action to limit the ability to call it. May want to introduce a manifest key to allow extensions to curry from a content script to a background if we were to introduce this functionality. Also, I'd like to see data on how useful this would be. Not clear the benefit outweighs the abuse potential.
+ * [simeon] Extensions can inject an iframe that calls `permissions.request()` without the need for currying. While I feel this addresses many potential uses of currying, I want to recognize that this is an odd design pattern for a typical web developer. I don't expect the average extension dev to realize they can do something like this.
+ * [rob] Until Chrome implemented site isolation (about a decade ago), extension APIs were restricted in iframes. Nowadays Chrome extensions can indeed call extension APIs from extension frames. In Firefox we still restrict the API availability in extension frames though.
+
+[PR 802](https://github.com/w3c/webextensions/pull/802): Add proposal for `topFrameMatches` and `excludeTopFrameMatches`
+
+ * [rob] This proposal is about implementing a feature for [issue 763](https://github.com/w3c/webextensions/issues/763). We were all generally supportive, now we just need to review the details.
+ * [kiara] I will also add myself as a reviewer.
+
+[PR 885](https://github.com/w3c/webextensions/pull/885): Correct `iconVariants` and `colorSchemes` casing. Add `NotificationOptions.iconVariants`
+
+ * [kiara] Looks like this was merged. Was this also proposed for a previous meeting?
+ * [rob] Yes. It was nominated but not discussed, then merged in the meantime.
+
+[Issue 449](https://github.com/w3c/webextensions/issues/449): Provide way of handling unsupported DNR rule
+
+ * [dave] Working on adding new rule conditions to DNR. `topDomains`/`excludedTopDomains` in the past. What we did in the past is to tell people to wait for a bit until most users have updated their browsers before using it. For enum types there are objects on the namespace to support feature detection; for dictionaries that does not exist. Need API that let's one know that a rule can be used. But at least for the dictionary case.
+ * [rob] I believe this was discussed before. My preference was for a dedicated method to handle this rather than relying on properties, but if my approval is the only blocker to shipping properties, I'm not going to oppose the addition of these properties. For example, `testMatchOutcome()` could be expanded to take a rule to check if a request would match/not match, to enable feature detection in extensions. I have encountered a situation in Chrome where the API namespace showed the availability of a feature, but did not actually enable the feature. A dedicated method can be more reliable than just checking for properties (when Chrome added support for header matching, the properties were available before the feature was actually enabled).
+ * [dave] Agree a test method could help. I'd be supportive of a more generic method like this.
+ * [kiara] On Safari side, we'd be supportive of an enum. I feel a method based approach would be better, but that's non-blocking.
+ * [dave] Method and enum approaches are not necessarily mutually exclusive.
+
+The next meeting will be on [Thursday, December 18th, 8 AM PST (4 PM UTC)](https://everytimezone.com/?t=69449580,3c0).
diff --git a/_minutes/README.md b/_minutes/README.md
@@ -10,25 +10,26 @@ After the end of each meeting, meeting notes are published here.
 
 ## Upcoming meetings
 
-- 2025-12-04 at 8 AM PST = https://everytimezone.com/?t=69322080,3c0
 - 2025-12-18 at 8 AM PST = https://everytimezone.com/?t=69449580,3c0
+- 2026-01-15 at 8 AM PST = https://everytimezone.com/?t=69697f80,3c0
 
 ## Past meetings
 
+* 2025-12-04 ([minutes](2025-12-04-wecg.md))
 * 2025-11-20 ([minutes](2025-11-20-wecg.md))
 * 2025-11-14 at TPAC ([minutes](2025-11-14-wecg-tpac.md))
 * 2025-11-13 at TPAC ([minutes](2025-11-13-wecg-tpac.md))
 * 2025-11-10 at TPAC ([minutes](2025-11-10-wecg-tpac.md))
 * 2025-11-06 ([minutes](2025-11-06-wecg.md))
 * 2025-10-23 ([minutes](2025-10-23-wecg.md))
 * 2025-10-09 ([minutes](2025-10-09-wecg.md))
-* 2025-09-25 ([minutes](2025-09-25-wecg.md))
 
 <details>
 <summary><strong>All past meeting notes</strong></summary>
 
 **2025**
 
+* 2025-12-04 ([minutes](2025-12-04-wecg.md))
 * 2025-11-20 ([minutes](2025-11-20-wecg.md))
 * 2025-11-14 at TPAC ([minutes](2025-11-14-wecg-tpac.md))
 * 2025-11-13 at TPAC ([minutes](2025-11-13-wecg-tpac.md))
