From 2d4cd461429d817547f3bd5d91cc4137e998ee10 Mon Sep 17 00:00:00 2001 From: Guy Bedford Date: Thu, 28 Mar 2024 15:10:43 -0700 Subject: [PATCH 1/3] add CSP policy note --- proposals/esm-integration/README.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/proposals/esm-integration/README.md b/proposals/esm-integration/README.md index 9f5362273..ba0acde0f 100644 --- a/proposals/esm-integration/README.md +++ b/proposals/esm-integration/README.md @@ -141,6 +141,14 @@ Some impacts of reading the imports up-front: See the FAQ for more explanation of the rationale for this design decision, and what features it enables which would be difficult or impossible otherwise. +### Content Security Policy + +CSP policies are verified at the time of Wasm compilation through the `HostEnsureCanCompileWasmBytes` abstract +operation. + +Wasm modules loaded through the ES Module system should follow the existing `script-src` policy on the page when +compiled through the module system hooks. Further refinements to the Wasm CSP policy may then be added in future. + ## FAQ ### How would this work, in some concrete examples? From 05ace87a34a22539135535fba32f0e35918f7e4b Mon Sep 17 00:00:00 2001 From: Guy Bedford Date: Thu, 28 Mar 2024 15:22:25 -0700 Subject: [PATCH 2/3] rewording --- proposals/esm-integration/README.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/proposals/esm-integration/README.md b/proposals/esm-integration/README.md index ba0acde0f..be65c0b8f 100644 --- a/proposals/esm-integration/README.md +++ b/proposals/esm-integration/README.md @@ -144,10 +144,11 @@ See the FAQ for more explanation of the rationale for this design decision, and ### Content Security Policy CSP policies are verified at the time of Wasm compilation through the `HostEnsureCanCompileWasmBytes` abstract -operation. +operation defined by the [Web Content Security Policy proposal](https://github.com/WebAssembly/content-security-policy). -Wasm modules loaded through the ES Module system should follow the existing `script-src` policy on the page when -compiled through the module system hooks. Further refinements to the Wasm CSP policy may then be added in future. +Wasm modules imported through the ES Module system should be verified for compilation by CSP against the `script-src` +directive, both for static and dynamic imports. This allows Wasm and JS to be equally supported in the ESM +integration under CSP policies. Further refinements to the Wasm CSP policy may be added in future. ## FAQ From 5156f41a29d4b5dcac9ad8ee2a32188686d584f4 Mon Sep 17 00:00:00 2001 From: Guy Bedford Date: Tue, 2 Apr 2024 12:50:19 -0700 Subject: [PATCH 3/3] update note that Wasm is likely not a stricter policy --- proposals/esm-integration/README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/proposals/esm-integration/README.md b/proposals/esm-integration/README.md index be65c0b8f..f8cafe2ee 100644 --- a/proposals/esm-integration/README.md +++ b/proposals/esm-integration/README.md @@ -143,12 +143,12 @@ See the FAQ for more explanation of the rationale for this design decision, and ### Content Security Policy -CSP policies are verified at the time of Wasm compilation through the `HostEnsureCanCompileWasmBytes` abstract -operation defined by the [Web Content Security Policy proposal](https://github.com/WebAssembly/content-security-policy). - Wasm modules imported through the ES Module system should be verified for compilation by CSP against the `script-src` directive, both for static and dynamic imports. This allows Wasm and JS to be equally supported in the ESM -integration under CSP policies. Further refinements to the Wasm CSP policy may be added in future. +integration under CSP policies. + +While Wasm is currently fully sandboxed, having equal access to imports to JS provides it equal capabilities to +execution primitives, so that it should not be considered a weaker capability from an ESM integration perspective. ## FAQ