Intent to Experiment: Shared Storage API

[Josh Karlin]

Contact emails

cam...@chromium.org, yao...@chromium.org, erict...@chromium.org, jka...@chromium.org

 

Explainer

Explainer (WICG proposal)

 

Specification

TBD

 

Summary

Shared Storage allows for unpartitioned storage (i.e. not partitioned by top-frame as is planned for other types of storage) that may only be read in a secure environment with carefully constructed output gates. This API is intended to support many cross-site use cases on the web while significantly decreasing cross-site user tracking.

This I2E is for Shared Storage's first output gate, called selectURL. It allows Shared Storage to be used to select from a short list of URLS to be displayed in a Fenced Frame. Gates related to aggregate reporting will follow in future experiments. 

 

Blink component

Blink>Storage>SharedStorage

 

TAG review

https://github.com/w3ctag/design-reviews/issues/747

 

TAG review status

Pending

 

Risks

 

Interoperability and Compatibility

  

Gecko/Webkit: No signal as we're first in the process of moving this into a community group.  

 

Web developers: No signals

 

Other signals:

 

WebView application risks

Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications?

              No.

 

 

Goals for experimentation

The intent is for experimenters to try out Shared Storage and see how well it works for them. We expect there to be utility trade-offs and bumps along the road toward optimizing privacy. We also expect it may be necessary to change budgeting parameters and we intend to add new output gate algorithms along the way. So please experiment and provide feedback on the issue tracker to help us improve the API.

 

Experiment Configuration

The origin trial for this experiment is shared among various Privacy Sandbox APIs. Our goal is to allow for coordinated experiments to be run by multiple different sites, across multiple APIs in one OT.

 

This shared origin trial, Privacy Sandbox Ads APIs, is a third-party origin trial. To ensure that developers can run coordinated experiments without concern for exceeding page load usage thresholds, this Origin Trial is available for a subset of users by default. Therefore, it will be necessary to feature test to ensure that the API surface you want to use is available after providing your OT token. A second advantage of this configuration is that different experimenters will experiment with the same users, which enables coordination for APIs like FLEDGE across third parties.

 

 

Ongoing technical constraints

As mentioned above, this experiment includes only the selectURL output gate of SharedStorage. We will follow up with aggregate reporting gates in future releases.

 

Debuggability

There are no particular debugging APIs made available or Chrome DevTools integrations for this OT.

 

Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, Chrome OS, Android, and Android WebView)?

All but WebView.

 

Is this feature fully tested by web-platform-tests?

Internal platform tests exist, but they’re internal-only until we’re able to make the fenced frames test infrastructure external.

 

Flag name

On M104 or greater, the API can be enabled from `chrome://flags/#privacy-sandbox-ads-apis`, or by activating the `SharedStorageAPI`, `FencedFrames`, and `PrivacySandboxAdsAPIsOverride` features.

 

Requires code in //chrome?

Only for permission checks.

 

Tracking bug

https://bugs.chromium.org/p/chromium/issues/detail?id=1218540

 

Launch bug

https://bugs.chromium.org/p/chromium/issues/detail?id=1218535

 

Estimated milestones

We intend to begin experimenting in M104 as part of the Privacy Sandbox APIs Origin Trial.

 

Link to entry on the Chrome Platform Status

https://chromestatus.com/feature/6256348582903808

 

This intent message was generated by Chrome Platform Status.

[Yoav Weiss]

What are the timelines for running the experiment? M104 till?

[Josh Karlin]

Hi Yoav,

It's tied to the lifetime of the larger Privacy Sandbox Ads APIs OT, which is currently set to end in M104 although we anticipate asking for an extension soon to facilitate additional testing.

[Yoav Weiss]

LGTM to experiment, starting from M104.

Makes sense!