Add a noopener-allow-popups value to COOP

source

@@ -86791,6 +86791,41 @@ dictionary <dfn dictionary>DragEventInit</dfn> : <span>MouseEventInit</span> {
     `<code>Cross-Origin-Embedder-Policy</code>` header whose value is <span>compatible with
     cross-origin isolation</span> together.</p>
    </dd>
+
+   <dt>"<dfn><code data-x="coop-noopener-allow-popups">nooopener-allow-popups</code></dfn>"</dt>
+   <dd>
+    <p>This forces the creation of a new <span>top-level browsing context</span> for the document,
+    regardless of its predecessor.</p>
+
+    <div class="note">
+    <p>While including a <code
+    data-x="coop-noopener-allow-popups">nooopener-allow-popups</code> value severs the opener
+    relationship between the document on which it is applied and its opener, it does not create a
+    robust security boundary between those same-origin documents.</p>
+
+    <p>Other risks from same-origin applications include:</p>
+    <ul>
+     <li><p>Same-origin requests fetching the document's content — could be mitigated through
+     Fetch Metadata filtering.</p></li>
+     <li><p>Same-origin framing - could be mitigated through <code>X-Frame-Options</code> or CSP
+     <code data-x="frame-ancestors directive">frame-ancestors</code>.</p></li>
+     <li><p>JavaScript accessible cookies - can be mitigated by ensuring all cookies are <code
+     data-x="">httponly</code>.</p></li>
+     <li><p>localStorage access to sensitive data.</p></li>
+     <li><p>Service worker installation.</p></li>
+     <li><p>Cache API manipulation or access to sensitive data.</p></li>
+     <li><p><code data-x="">postMessage</code> or <code>BroadcastChannel</code> messaging that
+     exposes sensitive information.</p></li>
+     <li><p>Autofill which may not require user interaction for same-origin documents.</p></li>
+    </ul>
+    <p>Developers using <code data-x="coop-noopener-allow-popups">nooopener-allow-popups</code>
+    need to make sure that their sensitive applications don't rely on client-side features
+    accessible to other same-origin documents, e.g., localStorage and other client-side storage
+    APIs, BroadcastChannel and related same-origin communication mechanisms. They also need to make
+    sure that their server-side endpoints don't return sensitive data to non-navigation requests,
+    whose response content is accessible to same-origin documents.</p>
+    </div>
+   </dd>
   </dl>
 
   <div w-nodev>
@@ -86814,18 +86849,24 @@ dictionary <dfn dictionary>DragEventInit</dfn> : <span>MouseEventInit</span> {
   </ul>
 
   <p>To <dfn data-x="matching-coop">match opener policy values</dfn>, given an <span>opener policy
-  value</span> <var>A</var>, an <span>origin</span> <var>originA</var>, an <span>opener policy
-  value</span> <var>B</var>, and an <span>origin</span> <var>originB</var>:</p>
+  value</span> <var>document COOP</var>, an <span>origin</span> <var>document origin</var>, an
+  <span>opener policy value</span> <var>response COOP</var>, and an <span>origin</span>
+  <var>response origin</var>:</p>
 
   <ol>
-   <li><p>If <var>A</var> is "<code data-x="coop-unsafe-none">unsafe-none</code>" and <var>B</var>
-   is "<code data-x="coop-unsafe-none">unsafe-none</code>", then return true.</p></li>
+   <li><p>If <var>document COOP</var> is "<code data-x="coop-unsafe-none">unsafe-none</code>" and
+   <var>response COOP</var> is "<code data-x="coop-unsafe-none">unsafe-none</code>", then return
+   true.</p></li>
+
+   <li><p>If <var>document COOP</var> is "<code data-x="coop-unsafe-none">unsafe-none</code>" or
+   <var>response COOP</var> is "<code data-x="coop-unsafe-none">unsafe-none</code>", then return
+   false.</p></li>
 
-   <li><p>If <var>A</var> is "<code data-x="coop-unsafe-none">unsafe-none</code>" or <var>B</var>
-   is "<code data-x="coop-unsafe-none">unsafe-none</code>", then return false.</p></li>
+   <li><p>If <var>response COOP</var> is "<code
+   data-x="coop-noopener-allow-popups">noopener-allow-popups</code>", then return false.</p></li>
 
-   <li><p>If <var>A</var> is <var>B</var> and <var>originA</var> is <span>same origin</span> with
-   <var>originB</var>, then return true.</p></li>
+   <li><p>If <var>document COOP</var> is <var>response COOP</var> and <var>document origin</var> is
+   <span>same origin</span> with <var>response origin</var>, then return true.</p></li>
 
    <li><p>Return false.</p></li>
   </ol>
@@ -86899,6 +86940,11 @@ dictionary <dfn dictionary>DragEventInit</dfn> : <span>MouseEventInit</span> {
      <var>policy</var>'s <span data-x="coop-struct-value">value</span> to "<code
      data-x="coop-same-origin-allow-popups">same-origin-allow-popups</code>".</p></li>
 
+     <li><p>If <var>parsedItem</var>[0] is "<code
+     data-x="coop-noopener-allow-popups">noopener-allow-popups</code>", then set
+     <var>policy</var>'s <span data-x="coop-struct-value">value</span> to "<code
+     data-x="coop-noopener-allow-popups">noopener-allow-popups</code>".</p></li>
+
      <li><p>If <var>parsedItem</var>[1]["<code data-x="coop-report-to">report-to</code>"] <span
      data-x="map exists">exists</span> and it is a string, then set <var>policy</var>'s <span
      data-x="coop-struct-report-endpoint">reporting endpoint</span> to
@@ -86971,7 +87017,13 @@ dictionary <dfn dictionary>DragEventInit</dfn> : <span>MouseEventInit</span> {
   <ol>
    <li><p>If the result of <span data-x="matching-coop">matching</span>
    <var>activeDocumentCOOPValue</var>, <var>activeDocumentNavigationOrigin</var>,
-   <var>responseCOOPValue</var>, and <var>responseOrigin</var> is true, return false.</p></li>
+   <var>responseCOOPValue</var>, and <var>responseOrigin</var> is true, then return false.</p></li>
+
+   <li><p>If <var>activeDocumentCOOPValue</var> is "<code
+   data-x="coop-noopener-allow-popups">noopener-allow-popups</code>" and
+   <var>responseCOOPValue</var> is "<code
+   data-x="coop-same-origin-allow-popups">same-origin-allow-popups</code>" or "<code
+   data-x="coop-unsafe-none">unsafe-none</code>", then return false.</p></li>
 
    <li>
     <p>If all of the following are true:</p>