Re: [blink-dev] Re: I2P&S: Strict Same Origin Policy for Storage Access API

2025-08-06 Thread Chris Harrelson
LGTM3 On Wed, Aug 6, 2025 at 8:06 AM Yoav Weiss (@Shopify) wrote: > LGTM2 > > On Wednesday, August 6, 2025 at 5:06:29 PM UTC+2 Mike Taylor wrote: > >> LGTM1 (sorry for the delay) >> On 5/19/25 2:00 p.m., Chris Fredrickson wrote: >> >> Following up on this: >> >> Now that the new UseCounter >>

Re: [blink-dev] Re: I2P&S: Strict Same Origin Policy for Storage Access API

2025-08-06 Thread Yoav Weiss (@Shopify)
LGTM2 On Wednesday, August 6, 2025 at 5:06:29 PM UTC+2 Mike Taylor wrote: > LGTM1 (sorry for the delay) > On 5/19/25 2:00 p.m., Chris Fredrickson wrote: > > Following up on this: > > Now that the new UseCounter > has > made it

Re: [blink-dev] Re: I2P&S: Strict Same Origin Policy for Storage Access API

2025-08-06 Thread Mike Taylor
LGTM1 (sorry for the delay) On 5/19/25 2:00 p.m., Chris Fredrickson wrote: Following up on this: Now that the new UseCounter has made it out to Stable, the portion of pageloads that would be affected by this change is 0.

[blink-dev] Re: I2P&S: Strict Same Origin Policy for Storage Access API

2025-05-19 Thread Chris Fredrickson
Following up on this: Now that the new UseCounter has made it out to Stable, the portion of pageloads that would be affected by this change is 0.69%. The UseCounter

[blink-dev] Re: I2P&S: Strict Same Origin Policy for Storage Access API

2025-04-05 Thread Chris Fredrickson
Sorry for the delay, for some reason Alex's message didn't show up in my inbox! *Alex*: Up to 100% of Storage Access API (SAA) usage could be affected, if we assume that *every *usage of SAA later involves a cross-origin, same-site network request that is required to be credentialed. However,

[blink-dev] Re: I2P&S: Strict Same Origin Policy for Storage Access API

2025-03-28 Thread Chris Fredrickson
Thanks Alex (and Vlad), those concerns make sense. Re: next steps, I've improved the existing UMA, but more importantly, I added a UKM-based UseCounter that will precisely measure the % of pageloads that would be affected by this chang

[blink-dev] Re: I2P&S: Strict Same Origin Policy for Storage Access API

2025-03-27 Thread Vladimir Levin
Is it a correct reading that that it's roughly 9% of 0.08% of pageloads that will be affected? That still seems large. Can you speak to the nature of the breakage? Specifically, do the sites that currently use it become unusable or is it a milder change from that? On the process side, do you mi

[blink-dev] Re: I2P&S: Strict Same Origin Policy for Storage Access API

2025-03-26 Thread Alex Russell
Thanks, Chris. We discussed briefly at today's API OWNERs, and Vlad and I are in the same boat (I think?), which is that we're glad that you were able to confirm our understanding of the situation, but the risk continues to look high in that light. There's generally a menu of options in these

[blink-dev] Re: I2P&S: Strict Same Origin Policy for Storage Access API

2025-03-21 Thread Chris Fredrickson
Mozilla standards position request: https://github.com/mozilla/standards-positions/issues/1200 WebKit standards position request: https://github.com/WebKit/standards-positions/issues/476 On Wednesday, March 19, 2025 at 4:40:17 PM UTC-4 Chris Fredrickson wrote: > Sorry for the delay, for some re

[blink-dev] Re: I2P&S: Strict Same Origin Policy for Storage Access API

2025-03-17 Thread Alex Russell
Hey Chris, Do you have a sense for what fraction of Storage Access API use (yes, I know it's low) will be impacted by this change? Is there a way to tell? Best, Alex On Wednesday, March 12, 2025 at 9:04:37 AM UTC-7 Chris Fredrickson wrote: > Contact emails > > cfred...@chromium.org > > Explai