issues
search
privacycg
/
storage-access-headers
Proposal for HTTP headers related to the Storage Access API
https://cfredric.github.io/storage-access-headers/
Creative Commons Attribution 4.0 International
24
stars
2
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Remove redundant detail in example
#19
Airborn22
closed
4 days ago
1
Headers may limit possible Storage Access API policies
#18
sjledoux
closed
2 weeks ago
2
The "Sec-" prefix is unnecessary
#17
sjledoux
closed
2 weeks ago
5
Clarify: why is `load` required in addition to `retry`?
#16
drmercer-lucid
closed
1 month ago
4
Sending `Sec-Fetch-Storage-Access: none` on every cross-origin request seems wasteful
#15
ricea
closed
1 month ago
5
Rewrite `retry` token to require an `allowed-origin` parameter
#14
cfredric
closed
2 months ago
0
Add security and privacy self-review
#13
cfredric
closed
4 months ago
0
Clarify `retry` semantics w.r.t. HTTP auth and redirects
#12
cfredric
opened
5 months ago
0
Update details on reasons for cookie access
#11
cfredric
closed
5 months ago
0
An inactive-retry-active flow should be transparent for the embedder
#10
dominikschreiber
opened
6 months ago
0
Already cached responses should not initiate another inactive-retry-active flow
#9
dominikschreiber
closed
3 months ago
1
Consider restricting leakier no-cors requests to not use these headers
#8
bvandersloot-mozilla
closed
1 month ago
4
Document security caveats of setting the `Activate-Storage-Access: retry` header
#7
arturjanc
closed
1 month ago
10
Network roundtrips doubled for API requests
#6
petipp
opened
8 months ago
7
Document a [non-iframe] embedded resource flow
#4
myok12
closed
9 months ago
1
Alternative design: Consider integrating with CORS and HTML and Fetch
#3
bvandersloot-mozilla
closed
6 months ago
25
Clarify top-level resource usage
#2
bvandersloot-mozilla
closed
10 months ago
6
Consider interaction with Storage partitioning
#1
bvandersloot-mozilla
opened
11 months ago
2