Closed annevk closed 3 years ago
A top-level document can sandbox itself. If it embeds tracker.example and that were to invoke requestStorageAccess(), what should happen?
tracker.example
requestStorageAccess()
I suspect we should disallow in this case as you cannot have meaningful UI.
We also generally do not allow storage for opaque origins so maybe storage would be disabled for the entire frame tree?
A top-level document can sandbox itself. If it embeds
tracker.example
and that were to invokerequestStorageAccess()
, what should happen?I suspect we should disallow in this case as you cannot have meaningful UI.
We also generally do not allow storage for opaque origins so maybe storage would be disabled for the entire frame tree?