document.requestStorageAccess should consider user explicit settings for unpartitioned data access #186
Conversation
There was a problem hiding this comment.
Looking at this again and also the commit that already landed I think this has strayed a bit from #171 (comment) "will setting a non-partitioned cookie work". These commits end up duplicating some of the checks the permission is for which I don't think is good.
That is, taking into account what navigator.cookieEnabled already exposes seems fine, but we shouldn't handle user settings separately from the permission. That leads to too much duplication and room for error.
|
@annevk not sure I understand, the permission state for SAA can be separate from the 3PC access settings that the user has applied, no? Are you saying that they should not be? @shuranhuang might remember more context on why we're splitting out user settings and permission checks. |
|
I think I don't understand why they need to be different. Looking at the two use cases that started this in #171 (comment) the top one requires a change as Maybe @cfredric can weigh in if the second use case has some kind of subtlety that could not be explained by the permission store. |
|
Hi @annevk , I agree with you that this PR is not what #171 (comment) directly translated to regarding "will setting a non-partitioned cookie work". But this PR is to make sure the behavior is aligned between the two methods. From the two examples in #171 (comment), in the first use case, if user blocks all cookies (or blocks cookies on specific sites), Does that make sense to you? |
I haven't read through this PR, but IIUC, you're asking "why wouldn't we just grant the If so, the reason I didn't want to do that is to preserve the causality/provenance for why cookies are allowed. E.g.: suppose the user changes their settings to allow 3P cookie access for some site Now suppose the user changes their mind and decides they don't want to allow cookie access for In my opinion, that's unfortunate because it means the user agent isn't doing what the user intended. That mismatch can be avoided if (In theory we could also avoid the mismatch if we decided that user agents weren't allowed to support cookie settings outside of the |
|
I think the latter thing is what I'm expecting. In particular I don't think there's a need to standardize such UI features as they can be entirely up to the user agent, including ensuring that if the user disables a certain website, it isn't enabled access via some other means. But the one thing that doesn't get us is the top-level change, which is essentially about aligning with @shuranhuang I do think that if |
Co-authored-by: Johann Hofmann <[email protected]>
|
@annevk your last sentence sounds like you're okay with what the PR does, then? Or are you saying that we should literally check against https://html.spec.whatwg.org/#dom-navigator-cookieenabled in rSA / hSA? Personally I don't really like cookieEnabled (it's also not consistent across browsers because e.g. Safari shims it, potentially to avoid breakage) and might prefer to deprecate it. |
|
@annevk friendly ping on the above, otherwise I'd be happy to (take another look and) merge this and fix potential follow-ups separately, in the interest of moving forward. |
This change tries to make rSA behavior aligns with hSA and user expectations by including a check of whether the user agent allows the
documentto access unpartitioned data based on user settings, and move early resolve cases, such as top-level case and same-site case, behind the user settings check. Specifically:(See WHATWG Working Mode: Changes for more details.)
Preview | Diff