Open jcubic opened 1 year ago
wanderview
commented
1 year ago We are working on unpartitioning storage and communication channels using requestStorageAccess:
https://groups.google.com/a/chromium.org/g/blink-dev/c/Mfkj1VqsKX0/m/iLk6xrdMAAAJ
In the meantime you can use the deprecation trial (at least in chrome):
https://developer.chrome.com/blog/storage-partitioning-deprecation-trial/
jcubic
commented
1 year ago It's good news that there will be a way to request Cross-origin access.
Is this something that will be part of some kind of spec? So other browsers like Safari can implement it. I think it will be more likely that they will add something like this if it's part of some kind of spec.
wanderview
commented
1 year ago Yes. See cross-browser discussion in here:
arichiv
commented
11 months ago An update on the Origin Trial for some storage/communication mechanisms is here: https://developer.chrome.com/blog/saa-non-cookie-storage/
BroadcastChannel is available in the same Origin Trial with the Chrome 121 beta that should be promoted later this week https://chromiumdash.appspot.com/schedule.
Is there any way to make the cross-domain communication work with this feature on? Sometimes it's legit for the application to share data (send messages between different domains) it's not only a cause of vulnerabilities and privacy violations.
I have a library sysend.js that is a way to send messages between domains. The library is already broken in Safari, because of 3rd party cookie policy that blocks everything without any exceptions.
Is there any way to make at least BroadcastChannel allow to share information Cross-domain?
As stated there are legit use cases where this new API breaks the apps created on different domains.
See the issue here: https://github.com/jcubic/sysend.js/issues/54