storage partitioning - accessing local storage between an iframe and webpage on the same subdomain #8
Comments
|
There is work going on to support non-cookie storage access via requestStorageAccess(): https://groups.google.com/a/chromium.org/g/blink-dev/c/Mfkj1VqsKX0/m/iLk6xrdMAAAJ In chrome there is a deprecation trial you can use in the meantime: https://developer.chrome.com/blog/storage-partitioning-deprecation-trial/ |
|
Thanks @wanderview will the suggested solution involve a built in prompt that the user has to approve? Cheers |
|
This new partitioning system seems like it will encourage less secure solutions as work arounds. For example, now you have to pass things as query parameters rather then putting thins into local storage. I really wish they didn't make this public without a way to disable via code. I'm surprised that this hasn't broken all sorts of single sign on solutions like it broke mine. |
|
I have multiple web applications on different subdomains that need to work together seamlessly and securely cache data on the client for sign on flows. It seems I now have to work around this by full page redirects with query parameters instead of passing data to iframes silently to get the data in localstorage on the correct domain. |
Please be aware of: https://github.com/privacycg/nav-tracking-mitigations/blob/main/bounce-tracking-explainer.md |
Hello,
I’d like to better understand if there is a reasonable solution in the following case:
subdomain: x.whoa.com
3rd party site: something.com
if I set “Experimental third-party storage partitioning.” as “Enabled”, the new window subdomain is not able to access that specific local storage data (left by the iframe, same subdomain).
is there a solution for this scenario, so I can access that local storage data?
Cheers
The text was updated successfully, but these errors were encountered: