You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Regarding the scope of storage access, I'd like to request that sub-frames from the same domain also acquire storage access when their parent acquires storage access. This approach could be applied recursively down the frame tree.
When a user grants storage access to an iframe, they need not be concerned whether the contents of that iframe are a single page or made up of several pages from the same domain.
I've hit this issue as a developer making use of the Storage Access API. In our case, we are the third-party serving content from a Learning Management System inside of another (first-party) system. We don't have a choice but to make use of frames in order to support learning industry standards. Our main page holds a Javascript API, and then has two frames: one for the training module and one for course navigation.
In Safari 13.1, we're able to successfully acquire storage access for our main page, but then our sub-frames fail because they do not get access to our authentication cookie.
While our specific scenario might fall into the 'non-goals' category, I still believe this request makes sense. I can see this issue applying to others and don't see how it adds any further threat to tracking.
The text was updated successfully, but these errors were encountered:
Regarding the scope of storage access, I'd like to request that sub-frames from the same domain also acquire storage access when their parent acquires storage access. This approach could be applied recursively down the frame tree.
When a user grants storage access to an iframe, they need not be concerned whether the contents of that iframe are a single page or made up of several pages from the same domain.
I've hit this issue as a developer making use of the Storage Access API. In our case, we are the third-party serving content from a Learning Management System inside of another (first-party) system. We don't have a choice but to make use of frames in order to support learning industry standards. Our main page holds a Javascript API, and then has two frames: one for the training module and one for course navigation.
In Safari 13.1, we're able to successfully acquire storage access for our main page, but then our sub-frames fail because they do not get access to our authentication cookie.
While our specific scenario might fall into the 'non-goals' category, I still believe this request makes sense. I can see this issue applying to others and don't see how it adds any further threat to tracking.
The text was updated successfully, but these errors were encountered: