Two additional explainers (each of which is an extension to Storage Access API (SAA) to non-cookie storage <https://arichiv.github.io/saa-non-cookie-storage/>) have been published!
Explainer: Extending Storage Access API (SAA) to omit unpartitioned cookies <https://arichiv.github.io/saa-non-cookie-storage/omit-unpartitioned-cookies.html> The current Storage Access API requires that unpartitioned cookie access is granted if any unpartitioned storage access is needed. This forces unpartitioned cookies to be included in network requests which may not need them, having impacts on network performance and security. Before the extension ships, we have a chance to fix this behavior without a compatibility break. Explainer: Extending Storage Access API (SAA) to Shared Workers <https://arichiv.github.io/saa-non-cookie-storage/shared-workers.html> There has been increasing developer and implementer interest in first-party workers being available in third-party contexts the same way that third-party cookies already can be. In the absence of such a solution, we leave developers without a robust way to manage cross-tab state for frames loading the same origin. This explainer proposes a solution for developers to regain third-party access to Shared Workers in select instances to avoid user-facing breakage in browsers shipping storage partitioning. On Fri, Sep 8, 2023 at 9:52 AM Ari Chivukula <aric...@chromium.org> wrote: > *Contact Emails* > aric...@chromium.org, hele...@google.com, johann...@chromium.org, > wanderv...@chromium.org > > *Explainer* > https://arichiv.github.io/saa-non-cookie-storage/ > > *Summary* > To prevent certain types of cross-site tracking, storage and communication > APIs in third party contexts are being partitioned or deprecated (read more > about storage partitioning > <https://developer.chrome.com/en/docs/privacy-sandbox/storage-partitioning/> > and cookie deprecation efforts > <https://developer.chrome.com/docs/privacy-sandbox/third-party-cookie-phase-out/> > in Chrome and Firefox > <https://developer.mozilla.org/en-US/docs/Web/Privacy/State_Partitioning>). > This breaks use cases that depend on cookie and non-cookie storage and > communication surfaces in cross-site contexts. Several solutions (like > Chrome’s Privacy Sandbox > <https://developer.chrome.com/docs/privacy-sandbox/overview/>) have been > proposed to address use cases that rely on third-party cookies, including > the Storage Access API <https://github.com/privacycg/storage-access> > (shipping with multi-browser support), which facilitates limited access to > third-party cookies in specific scenarios to mitigate user-facing breakage. > This explainer proposes to extend that same mechanism to non-cookie > storage/communication mediums. > > -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAGpy5DLtd5NbPE11DZDO2%2BM96Ze08AUhAx%3DB5ezStZqoJbxqMA%40mail.gmail.com.
