Commit 027e0f1c authored by Daniel Thompson-Yvetot

Merge branch 'requirements' into 'main_publish'

Requirements for several sections

See merge request cyber/stan4cr2/en-304-617!41
parents 0c6c4a25 e20b4f5e
+30 −1
@@ -629,6 +629,18 @@ Proposed ESR code: AP

This clause addresses the requirements in the CRA [\[i.1\]](#_ref_i.1) Annex 1 Part 1 (2) (h).

**[REQ-AP-1]**: The web browser shall take steps to reduce the risk that errors or crashes in one website running in one tab cause other, unrelated tabs to crash.

Example: Running different tabs in different renderer processes some of the time

Applicability: UC-CONS and UC-INST

Note: Guarantees here are not absolute. Current web browsers have various cases where one tab can take another down.

**[REQ-AP-2]**: The web browser shall take steps, on a best-effort basis, to save the state of running websites such that they can be restored later following an incident.

Applicability: UC-CONS and UC-INST

**[REQ-EXT-AP-1]**: The product shall make the best effort to prevent the ability of an extension to make the product unavailable.

**[REQ-ISO-AP-1]**: The product shall take steps to reduce the risk that errors or crashes in one website running in one tab cause other, unrelated tabs to crash.
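Review bot: REQ-AP-1 as added here is word-for-word the same requirement as the existing REQ-ISO-AP-1 shown in the trailing context ("take steps to reduce the risk that errors or crashes in one website running in one tab cause other, unrelated tabs to crash"), differing only in "web browser" versus "product". Either cross-reference one from the other or consolidate them, so an implementer is not asked to satisfy two identically worded requirements under different codes. The example for REQ-AP-1, "Running different tabs in different renderer processes some of the time", is too loose to guide an assessor; state the condition under which tabs are not given separate processes (for instance, platform resource limits) rather than "some of the time". In REQ-AP-2, "following an incident" is undefined; name the events meant (crash, forced termination, update-driven restart) so the best-effort obligation has a clear trigger.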
@@ -645,6 +657,8 @@ Proposed ESR code: IM

This clause addresses the requirements in the CRA [\[i.1\]](#_ref_i.1) Annex 1 Part 1 (2) (i).

**[REQ-IM-1]**: The web browser's technical documentation shall describe all network protocols implemented by the browser, or include references to such protocols. These protocols shall either be industry standards (preferably), or be described with similar technical detail to industry standards.

**[REQ-EXT-IM-1]**: If the product is running with elevated system privileges, extensions will be prevented from executing with those elevated privileges.

**[REQ-EXT-IM-2]**: The product shall permit extensions to communicate with native applications only when declared in the extension manifest and the native application is configured according to the product requirements for doing so.
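Review bot: In REQ-IM-1 the normative "shall either be industry standards (preferably), or be described with similar technical detail" mixes a mandatory choice with a preference inside one "shall" sentence, which leaves the assessor unsure whether a proprietary protocol with equivalent documentation is conformant or merely tolerated. Split it into a "shall" (every implemented protocol is documented or referenced) and a "should" (protocols should be industry standards), or drop "(preferably)". Also clarify whether "all network protocols implemented by the browser" includes the native messaging channel referenced by REQ-EXT-IM-2 in the trailing context, since that is a protocol the product implements but is not a web protocol.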
@@ -667,6 +681,10 @@ Proposed ESR code: MAS

This clause addresses the requirements in the CRA [\[i.1\]](#_ref_i.1) Annex 1 Part 1 (2) (j).

**[REQ-MAS-1]**: The web browser's technical documentation shall describe all web-exposed interfaces, or include references to such descriptions. These interfaces shall either be industry standards (preferably), or be described with similar technical detail to industry standards.

**[REQ-MAS-2]**: The web browser shall apply fuzz testing to web-exposed interfaces including HTML, CSS, JavaScript, WebAssembly, HTTP and TLS, as well as APIs, headers, options, etc exposed within those interfaces.

**[REQ-EXT-MAS-1]**: The product's extension APIs shall be documented, and the documentation shall specify for each API the purpose, inputs and outputs, permissions required, its security-related behaviour, and the platforms the API is available on.

**[REQ-EXT-MAS-2]**: The product shall support enterprise policy controls allowing administrators to disable the extension feature entirely, or specify an allow-list of extensions.
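Review bot: REQ-MAS-2 is not verifiable as written: "shall apply fuzz testing" sets no expectation for when (per release, continuously), against what (the list ends in "etc"), or what evidence an assessor should accept. State a minimum (for example, that the technical documentation identifies which web-exposed interfaces are fuzzed and how results feed the vulnerability handling process) and close the open-ended list. The list also names HTTP and TLS as web-exposed interfaces, while the IM clause in this same change treats network protocols separately under REQ-IM-1; keep the split consistent, or state that REQ-MAS-2 covers the protocol parsers as well. REQ-MAS-1 repeats the "industry standards (preferably)" construction from REQ-IM-1 and has the same normative/preference ambiguity.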
@@ -693,6 +711,18 @@ Proposed ESR code: EMM

This clause addresses the requirements in the CRA [\[i.1\]](#_ref_i.1) Annex 1 Part 1 (2) (k).

**[REQ-EMM-1]**: The web browser shall separate certain web browser components from each other to reduce the scope of exploits.

Examples: Sandboxing JavaScript/WebAssembly from the rest of the renderer process, containing the renderer and networking in separate processes

**[REQ-EMM-2]**: The web browser shall isolate different sites from each other, including from side-channel attacks.

Example: Process isolation of sites

**[REQ-EMM-3]**: The web browser shall reduce the privileges of its various components with respect to the operating system to the level required to perform their tasks.

Example: In the context of a browser with the separation of a renderer and browser process, denying direct access of the renderer process to various OS system calls

**[REQ-EXT-EMM-1]**: The product shall enforce a Content Security Policy for extension pages and scripts injected into web content.

**[REQ-EXT-EMM-2]**: The product shall validate an extension's manifest before installation and update, reject manifests that are malformed or contain disallowed content, and ignore unrecognised optional fields.
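Review bot: REQ-EMM-2 promises more than its example delivers: "shall isolate different sites from each other, including from side-channel attacks" reads as an absolute guarantee, but the example given is process isolation, which reduces cross-site side-channel exposure without eliminating it. Either phrase it as "take steps to reduce the risk" in line with REQ-AP-1 and REQ-EMM-1, or add a note like the one under REQ-AP-1 saying that guarantees here are not absolute. REQ-EMM-1's "certain web browser components" and REQ-EMM-3's "various OS system calls" are vague in a normative clause; name the component boundaries and the class of system calls meant, or point at the examples explicitly as the expected minimum.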
@@ -715,7 +745,6 @@ Example: stack canaries, source code fortification, variable initialisation.

Example: hardware-assisted memory tagging, Address Space Layout Randomization.


## 5.13 Logging and Monitoring
Proposed ESR code: LOG