Open jyasskin opened 3 years ago
annevk
commented
3 years ago Since cookies are not origin-bound it seems more appropriate to give them their own data structure. Or do you see a way to combine them despite that fundamental mismatch? They will need to share some of the keying infrastructure though.
jyasskin
commented
3 years ago I didn't look in enough detail to have an opinion about whether the storage structure is the right way to do this; I just wanted to make sure the spec authors were aware of it. I suspect you're right that it's not going to fit, and they'll have to define something new either here or in rfc6265bis.
The "compute the cookie-string from a cookie store" algorithm appears to take a cookie store as an argument, but https://wicg.github.io/cookie-store/#query-cookies doesn't pass one.
The choice of this argument might or might not be the right place to manage the interaction with https://github.com/privacycg/storage-partitioning. I'm not sure if https://storage.spec.whatwg.org/#registered-storage-endpoints is the right shape to include the cookie store(s).
The "receives a cookie" algorithm called from https://wicg.github.io/cookie-store/#set-a-cookie also refers to "the cookie store".