@@ -18,19 +18,19 @@ the [Privacy Community Group](https://privacycg.github.io/).
1818
1919- [ Introduction] ( #introduction )
2020- [ Motivating Use Cases] ( #motivating-use-cases )
21- - [ Non-goals ] ( #non-goals )
21+ - [ Non-Goals ] ( #non-goals )
2222- [ The API] ( #the-api )
2323 - [ hasStorageAccess] ( #hasstorageaccess )
2424 - [ requestStorageAccess] ( #requeststorageaccess )
2525- [ Key Scenarios] ( #key-scenarios )
26+ - [ The User Is Not Yet Logged In To the Embedee] ( #the-user-is-not-yet-logged-in-to-the-embedee )
27+ - [ The User Opts Out] ( #the-user-opts-out )
28+ - [ Detailed Design Discussion] ( #detailed-design-discussion )
2629 - [ Recovery Path] ( #recovery-path )
2730 - [ Timeout of an Opt In] ( #timeout-of-an-opt-in )
28- - [ Detailed Design Discussion ] ( #detailed-design-discussion )
31+ - [ Considered Alternatives ] ( #considered-alternatives )
2932 - [ Automatically Grant Access to Websites Used Often] ( #automatically-grant-access-to-websites-used-often )
3033 - [ Automatically Grant Access Upon User Interaction] ( #automatically-grant-access-upon-user-interaction )
31- - [ Considered Alternatives] ( #considered-alternatives )
32- - [[ Alternative 1]] ( #alternative-1 )
33- - [[ Alternative 2]] ( #alternative-2 )
3434- [ Stakeholder Feedback / Opposition] ( #stakeholder-feedback--opposition )
3535- [ References & Acknowledgements] ( #references--acknowledgements )
3636
@@ -84,6 +84,11 @@ requirements that are serving those use cases but not the authenticated embed us
8484Storage Access API. That said, the Storage Access API is not in conflict with single sign-on, cross-site subscription
8585services, and federated logins.
8686
87+ The Storage Access API is not a gateway into a legacy or quirks mode with which third-parties request permission to
88+ get back to a state similar to before e.g. tracking prevention features. Concretely, granted storage access should
89+ not be interpreted as an "allow cross-site tracking mode" or "make old things work mode." The API is opt-in and is
90+ intended for modern scenarios that are created under the assumption of no third-party storage access by default.
91+
8792## The API
8893
8994The Storage Access API lives under the document object since it controls document.cookie and the scope of the storage
@@ -122,6 +127,20 @@ function makeRequestWithUserGesture() {
122127<button onclick =" makeRequestWithUserGesture()" button >
123128```
124129
130+ ### Scope of Storage Access
131+
132+ If an iframe is granted storage access through the API, only that calling iframe and its subresources should have
133+ access to storage.
134+
135+ The length in time of storage access is up to the browser. It could be for:
136+ - The lifetime of the frame as long as it's hosting content from the same website.
137+ - The lifetime of the top page.
138+ - The lifetime of the browsing session.
139+ - A certain amount of calendar time such as seven days.
140+
141+ It should be noted that since only the calling iframe gets storage access, it's hard to grant storage access across
142+ browsing sessions or page loads.
143+
125144## Key scenarios
126145
127146### The User Is Not Yet Logged In To the Embedee
@@ -155,6 +174,15 @@ new prompt is shown? Options include 1) as long as the user keeps re-engaging wi
155174hourly/daily/weekly/monthly basis, 2) with a static timeout of e.g. 30 days, or 3) only for the lifetime of the embedded
156175document.
157176
177+ ### Compatibility Measure
178+
179+ A compatibility measure that has proven to be effective in the wild (shipping in Safari and Firefox) is to automatically
180+ open up page-wide storage access for a third-party that opens a popup through ``` window.open() ``` and receives user
181+ interaction in that popup.
182+
183+ This page-wide scope is a good example of a legacy mode of sorts which is not the intention of the Storage Access API,
184+ as explained in [ Non-Goals] ( #non-goals ) .
185+
158186## Considered Alternatives
159187
160188There are some possible alternatives.
@@ -181,7 +209,8 @@ for instance through invisible overlay iframes à la Clickjacking or through ifr
181209
182210- Safari : Shipping
183211- Firefox : Shipping
184- - Edge : Positive
212+ - Edge : Implementing
213+ - Brave : Positive
185214- Chrome : No public signal
186215
187216## References & Acknowledgements
0 commit comments