What information might this feature expose to Web sites or other parties, and for what purposes is that exposure necessary?
This feature allows the use of APIs gated behind crossOriginIsolation (SharedArrayBuffers) on pages that have COEP and COOP same-origin-allow-popups. Previously, those were only available to pages with COOP same-origin.
Do features in your specification expose the minimum amount of information necessary to enable their intended uses?
Yes.
How do the features in your specification deal with personal information, personally-identifiable information (PII), or information derived from them?
The feature does not deal with PII.
The feature does not deal with sensitive information.
Do the features in your specification introduce new state for an origin that persists across browsing sessions?
No.
No.
No.
No.
What data do the features in this specification expose to an origin? Please also document what data is identical to data exposed by other features, in the same or different contexts.
This feature allows the use of APIs gated behind crossOriginIsolation (SharedArrayBuffers) on pages that have COEP and COOP same-origin-allow-popups. Previously, those were only available to pages with COOP same-origin.
No.
No.
Do features in this specification allow an origin some measure of control over a user agent’s native UI?
No.
None.
COOP is only applicable to top-level frame, so the notion of first-party and third-party contexts does not apply here.
How do the features in this specification work in the context of a browser’s Private Browsing or Incognito mode?
No difference with regular mode.
Yes.
No.