Contact emails johann...@chromium.org, cfred...@chromium.org, y...@chromium.org
Explainer https://github.com/explainers-by-googlers/storage-access-for-fedcm Specification https://github.com/privacycg/storage-access/pull/206 Summary Reconciles the FedCM and Storage Access APIs by making a prior FedCM grant a valid reason to automatically approve a storage access request. When a user grants permission for using their identity with a 3rd party Identity Provider (IdP) on a Relying Party (RP), many IdPs require third-party cookies to function correctly and securely. This proposal aims to satisfy that requirement in a private and secure manner by updating the Storage Access API (SAA) permission checks to not only accept the permission grant that is given by a storage access prompt, but also the permission grant that is given by a FedCM prompt. A key property of this mechanism is limiting the grant to cases explicitly allowed by the RP via the FedCM permissions policy, enforcing a per-frame control for the RP and preventing passive surveillance by the IdP beyond the capabilities that FedCM already grants, as outlined in the Privacy Considerations <https://github.com/privacycg/storage-access/blob/main/explainers/storage-access-for-fedcm.md#privacy-considerations> . Blink component Blink>StorageAccessAPI <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EStorageAccessAPI> TAG review https://github.com/w3ctag/design-reviews/issues/992 TAG review status Pending Chromium Trial Name FedCmWithStorageAccessAPI Origin Trial documentation link https://github.com/explainers-by-googlers/storage-access-for-fedcm WebFeature UseCounter name kFedCmWithStorageAccessAPI Risks Interoperability and Compatibility None Gecko: Positive (https://github.com/mozilla/standards-positions/issues/1065) WebKit: No signal (https://github.com/WebKit/standards-positions/issues/390) Web developers: Positive ( https://github.com/w3c-fedid/FedCM/issues/467#issuecomment-1735911894) Other signals: WebView application risks Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications? None Debuggability This feature requires that the identity-credentials-get permissions policy is provided. - If the policy is not provided, document.requestStorageAccess() falls back to its normal control flow (i.e. checking for a user gesture, checking for RWS autogrant, checking for a previous top-level interaction, and finally showing a prompt). - If a policy is provided but misspelled, Chrome prints "Unrecognized feature: <feature name>." in the console. Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, ChromeOS, Android, and Android WebView)? No FedCM and Storage Access API are not supported on Android WebView. Is this feature fully tested by web-platform-tests <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md> ? Yes https://wpt.fyi/results/fedcm/fedcm-storage-access-api-autogrant.tentative.https.sub.html?label=experimental&label=master&aligned (WPTs are currently failing on wpt.fyi due to an unrelated error that we're fixing.) Flag name on chrome://flags fedcm-with-storage-access-api Finch feature name FedCmWithStorageAccessAPI Requires code in //chrome? True Estimated milestones Origin trial desktop first 126 Origin trial desktop last 131 Origin trial extension 1 end milestone 129 Origin trial extension 2 end milestone 131 DevTrial on desktop 125 Origin trial Android first 126 Origin trial Android last 131 DevTrial on Android 125 Anticipated spec changes Open questions about a feature may be a source of future web compat or interop issues. Please list open issues (e.g. links to known github issues in the project for the feature specification) whose resolution may introduce web compat/interop risk (e.g., changing to naming or structure of the API in a non-backward-compatible way). None Link to entry on the Chrome Platform Status https://chromestatus.com/feature/5116478702747648?gate=5070701733347328 Links to previous Intent discussions Intent to Prototype: https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAD_OO4iogs7O60r0YcVnDB5aCvs9WUYjWFcuHqcFi5bXLRBOig%40mail.gmail.com Intent to Experiment: https://groups.google.com/a/chromium.org/d/msgid/blink-dev/9a75fe74-ca55-4ddc-93d7-120adfdee49en%40chromium.org Intent to Extend Experiment 1: https://groups.google.com/a/chromium.org/g/blink-dev/c/LwgSKPBivuM/m/0dRsXWhBAgAJ Intent to Extend Experiment 2: https://groups.google.com/a/chromium.org/g/blink-dev/c/LwgSKPBivuM/m/0dRsXWhBAgAJ This intent message was generated by Chrome Platform Status <https://chromestatus.com/>. -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/5486dcaf-3ff6-4d97-a081-9626f97e2e03n%40chromium.org.
