Hi Becca,
Could you explain a bit more how this is intended to be used?
This intent came up during privacy + security review, and I was having a hard time forming an opinion on it since most questions would require to know what happens with the data. These are the kind of questions I'd like to understand:
- When would a browser fetch the feed?
(Generally we've been very careful about any requests - especially personalized requests - that happen outside of users' browsing sessions, since users typically expect that interaction with a site ceases once the tab is closed.)
- Would it ever fetch any of the media on this list? When? Are there previews?
- If a server attaches user-specific IDs to the media URLs listed in the feeds, would that allow the server to recognize the user in circumstances where it currently couldn't? (E.g., if cookies have been cleared between the feed fetch and the media fetch? What if the feed points to a media URL on a different origin than the feed?)
- How is incognito mode handled?
Does it use the same feed for both? (I.e., can it 'leak' between regular or incognito sessions?) Or separate feeds? (How/how long does it get stored?) Or is it disabled in incognito? (I.e., is it an Incognito distinguisher?)
A (somewhat unrelated) question, about complexity: Why would this be a browser feature in the first place? Could a website that wishes to make use of this implement the same thing using existing mechanisms, like a ServiceWorker + JavaScript-based parsing of the feed?