Intent to Prototype: Storage Access API with Prompts

316 views
Skip to first unread message

Shuran Huang

unread,
Jun 26, 2023, 11:33:07 AM6/26/23
to blin...@chromium.org, Chris Fredrickson, joha...@chromium.org

Contact emails

cfre...@chromium.org, joha...@chromium.org, shu...@chromium.org


Explainer

https://github.com/cfredric/chrome-storage-access-api

https://github.com/privacycg/storage-access/blob/main/README.md


Specification

https://privacycg.github.io/storage-access


Summary

The Storage Access API provides a means for authenticated cross-site embeds to check whether they have access to their unpartitioned cookies and request access to unpartitioned cookies if they are blocked. Chrome already supports the Storage Access API across sites within the same First-Party Set, in conformance with the specification, and now we intend to prototype support for user permission prompts and user-agent-specific permission behaviors in line with what other browsers are shipping.


Note that Edge previously sent an I2I for the Storage Access API feature, but we felt it was appropriate to send a new I2P given that Chrome previously shipped support for the Storage Access API gated on First-Party Sets membership and did not support prompts.


Blink component

Blink>StorageAccessAPI


Motivation

Chrome currently supports the Storage Access API without a user prompt – access is only granted based on First-Party Sets. However, some user experiences rely on access to unpartitioned cookies in cross-site contexts and are not supported by the existing solution. The Storage Access API with prompts provides a way for sites to request cross-site cookie access to enable these use cases. We aim to implement this in a way that does not overwhelm users with prompts or compromise their privacy.



Initial public proposal

https://github.com/whatwg/html/issues/3338


TAG review

https://github.com/w3ctag/design-reviews/issues/807


TAG review status

Positive


Risks



Interoperability and Compatibility

There is minor compatibility risk as Firefox and Safari already differ slightly in their user-agent-specific prompt requirements. Chrome's planned behavior is closest to Safari's current behavior, and we aim to standardize as much of this user-agent-specific behavior as possible over time.


Gecko: Shipping


WebKit: Shipping


Web developers: Positive

There has been great developer interest in the Storage Access API, given that it provides the only predictable way of working with cross-site cookies in many browsers. Various developers have chimed in on https://github.com/whatwg/html/issues/3338 and filed issues on https://github.com/privacycg/storage-access.


Other signals: Edge has shipped Blink's current implementation of this behavior, which differs from Chrome's plans. We have kept (and intend to continue keeping) Edge engineers in the loop about these changes and there will be feature flags to control this behavior.


WebView application risks

Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications?

None



Debuggability

None



Is this feature fully tested by web-platform-tests?

No, because prompt behavior and user-agent-specific behaviors are not testable. The Storage Access API itself is tested at https://wpt.fyi/results/storage-access-api.


Flag name

StorageAccessAPI, PermissionStorageAccessAPI


Requires code in //chrome?

True


Estimated milestones

Desktop 117

Android 119



Link to entry on the Chrome Platform Status

https://chromestatus.com/feature/5085655327047680


Links to previous Intent discussions

https://groups.google.com/u/1/a/chromium.org/g/blink-dev/c/e5fu5Q06ntA/m/1KF5oNEXAgAJ

https://groups.google.com/u/1/a/chromium.org/g/blink-dev/c/V9PzoCvIIIs/m/b4R9G0xoCQAJ



This intent message was generated by Chrome Platform Status.


Reply all
Reply to author
Forward
0 new messages