privacycg / storage-access

The Storage Access API
https://privacycg.github.io/storage-access/

document.requestStorageAccess() by top-level sites #57

Closed michael-oneill closed 2 years ago

michael-oneill commented 4 years ago

Top-level sites could get the browser to issue a prompt on a storage access request, i.e. a call to document.requestStorageAccess() by the top-level site. Some browsers may by default limit access to first-party cookies, e.g. by an arbitrary limit to expiry duration, e.g. to mitigate third-party tracking via link decoration. Even when this is not a default setting, browsers could enable it on a per-site basis when a user has selected Do-Not-Sell, Do-Not-Track setting within the browser or via the site's UI. Users could become accustomed to Storage Access prompts triggered by calls to document.requestStorageAccess(), so it would make sense to the user if a similar prompt was triggered by a similar call by the top-level site, when the result was to mitigate third-party tracking. A similar amelioration of cookie restrictions could result from the browser detecting IsLoggedIn status.

hober commented 2 years ago

While there may be a valid use case here, I don't think it's a use case for the Storage Access API, but instead for some other mechanism.