Closed abhirajdatta closed 1 month ago
Hi, there are two different proposals that might be relevant here, with a bunch of caveats though:
requestStorageAccess()
from the iframe itself (or header usage, see below), for security reasons.requestStorageAccess()
call, but it will only work if a prior storage access permission had been granted in some way, I.e. the iframe could call requestStorageAccess()
once, get user permission, and on every subsequent load use the headers to avoid janky UX.Can you share some more details about your use case? Are you not in control of the iframe in question?
My use case -
I have a web app where a 3P widget is hosted. When I visit the page with Chrome 3P flag turned on, I'm asked to login using that widget. In today's world the login is not needed as when the widget loads it automatically sets the cookies which are needed to sign in.
What I need to solve is how will the 3P cookies, which are being set will contineu to be set post 3PCD. Can I as a hosting system do something to make it work? The widgets are hosted using iFrames. Hosting party is Salesforce.
Thanks! I don't think that there's a lot that you as a hosting system can do in this case, since the 3P needs to do at least some work to opt into 3PC access. As a stop-gap solution, browsers like Chrome and Firefox have per-site user toggles to temporarily disable 3PC blocking, but longer term Salesforce will have to fix this so I suggest that you reach out to them (judging by their engagement on 3PCD overall I can imagine they're aware of and working on a fix to the issue).
I'm closing this as it doesn't seem relevant to Storage Access per se, feel free to ask more general questions about Chrome's 3PCD rollout etc. in https://github.com/privacysandbox/privacy-sandbox-dev-support
I have a use case where we are hosting an iframe in a webpage. The iframe is setting a few cookies in the browser, and when Chrome 3P blocking flag is enabled, chrome is unable to set those cookies.
What we want to know is if the webapp hosting the iframe can request storage access for the iframe application to set their cookies? Can we do something onload of the iframe to request storage access API?