> The Storage Access API non-cookie storage spec [1] and corresponding >> Chromium implementation had already planned to allow access to first-party >> Blob URLs

at today's API OWNERs, and Vlad and I are in the same > boat (I think?), which is that we're glad that you were able to confirm our > understanding of the situation, but the

partition-api Specification None Summary The Related Website Partition (RWP) API is a novel mechanism for providing third-party embeds access to a partitioned, non-cookie storage

and the Storage Access API (by itself, or even in conjunction >>> with >>> >>> FedCM). A series of heuristics >>> >>> were also put

support for Storage Access API (SAA). While it is mentioned in the SAA with Prompts thread that WebView is not supported, SAA is callable from WebView and will determine results based

blink-api-owners-discuss about whether we can >>> also ship on WebView (given the earlier discussion), though I think it's >>> still waiting for approval

this morning's API OWNERS meeting, and > given that there's some renaming risk, it sounds like there's > support to extend you past the 1 extra milestone you'

Login Status API, and allow Relying Parties (RPs) to request access to this information via a browser-mediated prompt similar to the current FedCM flow. By storing the account information

> generic Storage Access API prompt. > > One piece of feedback we got on the API was a question on > whether `navigator.credentials.preventSilentAccess()` > should

> Other API OWNERs may disagree with me (and that's OK), but I'm > not personally inclined to approve an extension here in order > to prevent a small gap in availability

the Blink API owners would >>>>>>>>>>>>> still review it carefully, but in the context of the other intents that >>>>>

Update: The feature has landed in M128 stable. The flag name associated with this feature has changed since the I2S from

CHIPS, Storage Access API, > Related Website Sets, FedCM, etc. > > Experiment Risks > > No, since this experiment allows sites to opt-in to limiting third-party >

us if storage partitioning is disabled. It just tells you if there is unpartitioned cookie access. That will always return false post-3PCD. It will also return true pre-3PCD with storage

indicate if access to non-cookie storage via requestStorageAccess was granted, it *only* indicates if unpartitioned cookies are available in the given context (which may have been

cfredric/storage-access-headers/issues/7, implementing > arturjanc's proposal ("Require Activate-Storage-Access to specify not only > permission, but

googlers/storage-access-for-fedcm Specification None Summary Reconciles the Federated Credential Management (FedCM) and Storage Access APIs by making a prior permission grant

cookie-storage/ > > Feedback > > https://github.com/privacycg/saa-non-cookie-storage/issues > > Design Doc > > > https://docs.google.com/document

cookie-storage/ ~ Ari Chivukula (Their/There/They're) On Mon, Jan 29, 2024 at 1:41 PM Ari Chivukula wrote: > Please note the repo has been moved into PrivacyCG, and the new

Hi Blink API owners, >>>>> >>>>> We would like to request your approval for adding a first-party >>>>> version of this Deprecation

extension to Storage Access API (SAA) to non-cookie storage ) have been published! Explainer: Extending Storage Access API (SAA) to omit unpartitioned cookies The current Storage

you to access first-party SharedWorkers, those workers would have >> access to SameSite=Strict cookies. Chrome's decision at this juncture is to >> not provide

the FedCM API, when a user is signing in to a relying party (RP) with an identity provider (IdP) in the browser for the first time, the browser will treat them as a “new” user since it didn

PaymentRequest and Storage access API effectively all follow > this policy too. 3PCD doesn't block cross-origin information sharing, it > just requires user consent

browser-api-login-status. Since WebKit > has expressed some interest in using this API in other scenarios than just > FedCM I imagine there may be a request at some point to move

" the storage-access status of their parent (whether the parent is a document, or is another worker). This behavior is not specified by the Storage Access API (SAA) spec, but is

chrome-storage-access-api#testing-instructions > > On Tuesday, August 22, 2023 at 1:26:10 PM UTC-4 Mike Taylor wrote: > >> LGTM3 >> On 8/22/23 10:49 AM,

chrome-storage-access-api https://github.com/privacycg/storage-access/blob/main/README.md Specification https://privacycg.github.io/storage-access Summary The

shipping an API that we're unhappy with (arguably the name is what we're really most unhappy about). Through our involvement we were able to go back to key design concerns (

describes the API shape and behavior. The design we're shipping is the "singular" one from the explainer. The discussion of the "plural" API in the explainer