ay...@chromium.org, pwn...@chromium.org, jsb...@chromium.org
https://github.com/WICG/cookie-store/blob/main/explainer.md
https://wicg.github.io/cookie-store/
https://docs.google.com/document/d/1ak6JzOMMO5q3dXvu4mHFWR-LLvaDc09XDvdeJZLtZd4/edit?usp=sharing
https://github.com/w3ctag/design-reviews/issues/469
The Cookie Store API exposes HTTP cookies to service workers and offers an asynchronous alternative to document.cookie.
https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/gU-tSdjR4rA/discussion
https://docs.google.com/document/d/1-bFqtgxquTNoNBK-51MvhrsoRSIqZ63MBoiVLkCrP10/edit?usp=sharing
Websites will still be able to use existing document.cookie for other browsers if they do not end up implementing this API.
Gecko: Defer (https://mozilla.github.io/standards-positions/#cookie-store)
WebKit: No signal (https://lists.webkit.org/pipermail/webkit-dev/2020-August/031364.html)
Web developers: Positive (https://github.com/WICG/cookie-store/issues/31#issuecomment-239707182, https://discourse.wicg.io/t/rfc-proposal-for-an-asynchronous-cookies-api/1652/2)
Working with Internal Google partners.
One of the major use cases for this feature requested by web developers is for session cookies. Cookie Store API will allow Service Workers to react to session state changes and cleanup private cached data.
None, this does not change the security properties of cookies on the Web Platform. Cookie Store API’s design also nudges developers toward better defaults with default path, and encourages security by restricting API usage to secure contexts only. (https://wicg.github.io/cookie-store/#restrict)
DevTools already has great support for cookies.
Yes
Yes https://wpt.fyi/results/cookie-store?label=experimental&label=master&aligned
https://chromestatus.com/feature/5658847691669504
As spec mentor for this API, I want to chime and say that the feature and its specification look great. Over the last couple of weeks ayui@ has worked to close out remaining specification and explainer issues and get things into ship-shape. Notable examples:
At this point I’m very happy with the specification; it’s a model of clarity and precision, and should be interoperably implementable. (It’ll also be really nice for web developers!)
> Specification
>
> https://wicg.github.io/cookie-store/
Are you planning to move the spec out of incubation into any standards
group?
> WebKit: No signal
> (https://lists.webkit.org/pipermail/webkit-dev/2020-August/031364.html)
It seems they like the idea but haven't evaluated some implications yet.
Do we have any more information about those potential concerns from Apple?
Security
None, this does not change the security properties of cookies on the Web Platform. Cookie Store API’s design also nudges developers toward better defaults with default path, and encourages security by restricting API usage to secure contexts only. (https://wicg.github.io/cookie-store/#restrict)
Debuggability
DevTools already has great support for cookies.
Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, Chrome OS, Android, and Android WebView)?
Yes
Is this feature fully tested by web-platform-tests?
Yes https://wpt.fyi/results/cookie-store?label=experimental&label=master&aligned
Tracking bug
Link to entry on the Chrome Platform Status
https://chromestatus.com/feature/5658847691669504
--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/e8f2acdb-ca4a-41e3-b183-f2a86d0def53o%40chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CACj%3DBEgOXNY02HYhvv2EFTW4D1ky%2B5hTuqd9%3D-yzMeOXd5y1tA%40mail.gmail.com.