privacycg / storage-access

The Storage Access API
https://privacycg.github.io/storage-access/

Is this an error in the spec: Chromium using `storage-access-api` and not `request-storage-access` for permissions policy #104

Closed summercms closed 1 year ago

summercms commented 2 years ago

The spec says:

The Storage Access API defines a policy-controlled feature identified by the string "request-storage-access". Its default allowlist is "*".

Link: https://privacycg.github.io/storage-access/#permissions-policy-integration

Yet the Chromium source code says the policy name is storage-access-api and not request-storage-access?

{
  name: "StorageAccessAPI",
  feature_default: "EnableForAll",
  permissions_policy_name: "storage-access-api",
  depends_on: ["StorageAccessAPI"],
},

Link: https://source.chromium.org/chromium/chromium/src/+/main:third_party/blink/renderer/core/permissions_policy/permissions_policy_features.json5

Just wondering if there is an issue in the spec or not? Or is the code in Chromium wrong?

cc @johannhof As one of the editors and on the Chrome team.

johannhof commented 2 years ago

Thanks for noticing this and sorry for the delay! Given that neither Safari nor Firefox have shipped this name I think the spec should align with the only existing implementation. There were some concerns with the storage-access name in https://github.com/privacycg/storage-access/issues/12 but the -api part might help with that. I can make a PR for updating this in the spec.

johannhof commented 1 year ago

To follow up here, we'll rename this in Chromium to "storage-access" and I also made that change on the spec.
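
Added example, not part of the thread or of either project's code: a JavaScript check that reads a `Permissions-Policy` header and reports whether storage access is set under the name the thread settles on, "storage-access", or only under one of the two earlier names, where a browser that recognises only the new name would ignore the directive and apply the default allowlist "*" quoted above. The function names, the simplified parser and the sample header are assumptions constructed for illustration.

```javascript
// Added example. The three names come from the thread above.
const CURRENT_NAME = "storage-access";
const SUPERSEDED_NAMES = ["request-storage-access", "storage-access-api"];

// Split a Permissions-Policy header value into [feature, allowlist] pairs.
// Simplified: splits on commas outside parentheses and double quotes and
// ignores parameters; it is not a full Structured Fields parser.
function parsePermissionsPolicy(headerValue) {
  const members = [];
  let depth = 0, inQuote = false, start = 0;
  for (let i = 0; i <= headerValue.length; i++) {
    const ch = headerValue[i];
    if (ch === '"') inQuote = !inQuote;
    else if (!inQuote && ch === "(") depth++;
    else if (!inQuote && ch === ")") depth--;
    const atEnd = i === headerValue.length;
    if (!atEnd && !(ch === "," && !inQuote && depth === 0)) continue;
    const member = headerValue.slice(start, i).trim();
    start = i + 1;
    const eq = member.indexOf("=");
    if (eq === -1) continue; // empty member or bare key: no allowlist to report
    const raw = member.slice(eq + 1).trim().replace(/^\(|\)$/g, "");
    members.push([member.slice(0, eq).trim(), raw.split(/\s+/).filter(Boolean)]);
  }
  return members;
}

// Report which name, if any, carries the storage access allowlist.
function auditStorageAccessPolicy(headerValue) {
  const result = { effective: null, superseded: [] };
  for (const [name, allowlist] of parsePermissionsPolicy(headerValue)) {
    if (name === CURRENT_NAME) result.effective = allowlist;
    else if (SUPERSEDED_NAMES.includes(name)) result.superseded.push({ name, allowlist });
  }
  // Only an old name is present: a browser that knows only the new name
  // ignores it, so the default allowlist applies instead of the intended one.
  result.fallsBackToDefault = result.effective === null && result.superseded.length > 0;
  return result;
}

// Constructed sample header, not taken from any real site.
const sample = 'geolocation=(self), storage-access-api=(), camera=(self "https://a.example")';
console.log(auditStorageAccessPolicy(sample));
```
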

CetinSert commented 1 year ago

@johannhof – when is the Storage Access API shipping in Chrome? Chrome is the only and most major browser still not shipping it: https://caniuse.com/mdn-api_document_requeststorageaccess

johannhof commented 1 year ago

Hi @cetinsert, I don't have a definitive date yet but we just sent out an intent to prototype for requestStorageAccessForSite in addition to the existing I2P from Microsoft Edge. It's easiest to follow the Chromestatus entries for both efforts for timely updates.