WARNING! Gitlab maintenance operation scheduled for Thursday, 18 June between 19:00 and 20:00 (CET). During this time window, short service interruptions (less than 5 minutes) may occur. Thank you in advance for your understanding.
@@ -332,6 +332,8 @@ For the purposes of this standard, the enterprise browser use case shares the sa
Embedded browsers are integrated as components within a host application and therefore execute and render untrusted web content within the host application context itself. Despite sharing the same trust boundaries as general purpose web browsers (See General Purpose Web Browser Architecture Diagram), embedded browsers' architecture (See Embedded Browser Architecture Diagram) and trust model differs from standalone web browsers in the following respects:
Depending on the actual technological implementation, the user's active sessions, passwords, and cookies may or may not be shared with the application.
- A JavaScript Bridge separates untrusted web content execution from the host application context, mediating embedded browser access to host application source code;
- Unlike standalone browsers, embedded browsers typically handle web content loading from the host application itself through the Native API gateway, as opposed to direct user interaction;
- Web browser extensions are typically absent in embedded browser contexts and as a result, the Browser Extension Content Execution Process is not present in the embedded browser use case architecture (See Embedded Browser Architecture Diagram).
