In fission-enabled Firefox, the First Contentful Paint notification will not consider paints from cross-origin iframes. (I assume/suspect it does consider such paints in non-fission Firefox.)

This is probably-fine and seems to be allowed by the spec[1] -- it seems like potentially a useful security/site-isolation improvement. So there may be no-action-needed here; I just wanted to file a bug to note this likely-behavior-change.

In particular: our First Contentful Paint implementation uses the GetRootPresContext() API in at least two spots, here and here. In non-fission-enabled Firefox, I'm pretty sure this API will traverse up across iframe boundaries and reach the PresContext for the ultimate top-level viewport; but now with fission, it will have to stop if it hits a cross-origin iframe boundary.

[1] Spec text / discussion around this, see this bit at the end of https://w3c.github.io/paint-timing/#sec-terminology :

a user agent may decide to disable paint-timing for cross-origin iframes

Also, https://github.com/w3c/paint-timing/issues/54 has some discussion around this area as well.

Yeah, we don't want to expose FCP for cross-origin iframes. I don't see there's anything that we should do here.

Cool. I suspect we do expose it in non-fission builds (unless there's some separate mechanism that we use to intentionally block it); but yeah, seems like it's a good thing that we're changing (with fission) to not-expose-it.

I'll close this as WORKSFORME.