This is a first stab at integrating permissions policy and support nested iframes in the spec, see #10 and #12. A few notes:
I'm happy to bikeshed on the permission name ("request-storage-access"). It's important to note that this policy only controls requesting storage access; it does not tell user agents with persistent/passive storage (see #2) how to behave if an allow=none attribute was added after an iframe received storage access.
We're now using the "*" default allowlist which @annevk intended to deprecate. We went back and forth on this but ultimately "*" captures the reality of current implementations best, especially considering that WebKit does not have PP support (and thus implicitly defaults to "*") for the time being. If we had started from scratch on this then maybe "self" would have been the best option, but personally I don't see that happening without WebKit support. Let me know if anyone disagrees.
If I understand correctly this would also allow sites to use the PP header to globally reject all rSA calls, which is fixing #56.