FYI, we're going to extend this OT another 2 milestones, to 129 inclusive. (Existing OT tokens will still work, they won't expire IIUC.)
On Tuesday, May 7, 2024 at 11:02:03 AM UTC-4 Mike Taylor wrote: > LGTM to experiment from 126 to 127 inclusive. > On 5/7/24 10:52 AM, Chris Fredrickson wrote: > > Contact emails > > joha...@chromium.org, cfre...@chromium.org, yi...@chromium.org > > Explainer > > https://github.com/explainers-by-googlers/storage-access-for-fedcm > > Specification > > None (TBD) > > Summary > > Reconciles the FedCM and Storage Access APIs by making a prior FedCM grant > a valid reason to automatically approve a storage access request. > > When a user grants permission for using their identity with a 3rd party > Identity Provider (IdP) on a Relying Party (RP), many IdPs require > third-party cookies to function correctly and securely. This proposal aims > to satisfy that requirement in a private and secure manner by updating the > Storage Access API (SAA) permission checks to not only accept the > permission grant that is given by a storage access prompt, but also the > permission grant that is given by a FedCM prompt. > > A key property of this mechanism is limiting the grant to cases explicitly > allowed by the RP via the FedCM permissions policy, enforcing a per-frame > control for the RP and preventing passive surveillance by the IdP beyond > the capabilities that FedCM already grants, as outlined in the Privacy > Considerations > <https://github.com/explainers-by-googlers/storage-access-for-fedcm?tab=readme-ov-file#privacy-considerations> > . > > > Blink component > > Blink>StorageAccessAPI > > TAG review > > None > > TAG review status > > N/A > > Risks > > > Interoperability and Compatibility > > None > > > > Gecko: No public signals, positive initial signals > <https://docs.google.com/document/d/1jxqW4kvGdclIWsOlWMXWLGpwu1wOorST2Ol6vJKAjDE/edit#heading=h.y0ecc5cfr86n>. > > We will request a formal position. > > WebKit: No signal. We will request a formal position. > > Web developers: Positive <https://github.com/fedidcg/FedCM/issues/467> > > Other signals: > > WebView application risks > > Does this intent deprecate or change behavior of existing APIs, such that > it has potentially high risk for Android WebView-based applications? > > N/A, not shipping on Android WebView. > > Goals for experimentation > > Evaluate the implementation, and the usability of the feature to ensure it > adequately solves the problem. > > Ongoing technical constraints > > None > > Debuggability > > None > > Will this feature be supported on all six Blink platforms (Windows, Mac, > Linux, ChromeOS, Android, and Android WebView)? > > No. It will not be supported in Android WebView. > > Is this feature fully tested by web-platform-tests? > > No. The implementation is primarily in permissions code in //chrome, which > cannot be tested in WPTs since WPTs use a fake permission manager > <https://crsrc.org/c/content/web_test/browser/web_test_permission_manager.h;drc=33b441e83b1f70381158fcafb0ecde9168b79524;l=28> > > in Chromium. > > Flag name on chrome://flags > > #fedcm-with-storage-access-api > > Finch feature name > > FedCmWithStorageAccessAPI > > Non-finch justification > > None > > Requires code in //chrome? > > True > > Estimated milestones > > M126 through M127 (inclusive). > > > Link to entry on the Chrome Platform Status > > https://chromestatus.com/feature/5116478702747648 > > Links to previous Intent discussions > > Intent to prototype: > https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAD_OO4iogs7O60r0YcVnDB5aCvs9WUYjWFcuHqcFi5bXLRBOig%40mail.gmail.com > > This intent message was generated by Chrome Platform Status. > > -- > You received this message because you are subscribed to the Google Groups > "blink-dev" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to blink-dev+...@chromium.org. > To view this discussion on the web visit > https://groups.google.com/a/chromium.org/d/msgid/blink-dev/9a75fe74-ca55-4ddc-93d7-120adfdee49en%40chromium.org > > <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/9a75fe74-ca55-4ddc-93d7-120adfdee49en%40chromium.org?utm_medium=email&utm_source=footer> > . > > -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/0cfd4e4b-9f00-48b5-87b2-7cad43d9f80dn%40chromium.org.
