Open doubletuna opened 12 months ago
There is work going on to support non-cookie storage access via requestStorageAccess():
https://groups.google.com/a/chromium.org/g/blink-dev/c/Mfkj1VqsKX0/m/iLk6xrdMAAAJ
In chrome there is a deprecation trial you can use in the meantime:
https://developer.chrome.com/blog/storage-partitioning-deprecation-trial/
Thanks @wanderview
will the suggested solution involve a built in prompt that the user has to approve?
Cheers
This new partitioning system seems like it will encourage less secure solutions as work arounds. For example, now you have to pass things as query parameters rather then putting thins into local storage. I really wish they didn't make this public without a way to disable via code. I'm surprised that this hasn't broken all sorts of single sign on solutions like it broke mine.
I have multiple web applications on different subdomains that need to work together seamlessly and securely cache data on the client for sign on flows.
It seems I now have to work around this by full page redirects with query parameters instead of passing data to iframes silently to get the data in localstorage on the correct domain.
full page redirects
Please be aware of: https://github.com/privacycg/nav-tracking-mitigations/blob/main/bounce-tracking-explainer.md
Hello,
I’d like to better understand if there is a reasonable solution in the following case:
subdomain: x.whoa.com 3rd party site: something.com
if I set “Experimental third-party storage partitioning.” as “Enabled”, the new window subdomain is not able to access that specific local storage data (left by the iframe, same subdomain).
is there a solution for this scenario, so I can access that local storage data?
Cheers