- From: Jeremy Roman <notifications@github.com>
- Date: Wed, 13 Feb 2019 23:04:14 +0000 (UTC)
- To: w3ctag/design-reviews <design-reviews@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <w3ctag/design-reviews/issues/331/463411899@github.com>
@othermaciej > I think you are suggesting that webpages could be modified to request storage access when promoted from a portal to top level, and that access could be always granted and without the need for a user action or user consent. Yes, this is what I'm suggesting. > But it also wouldn't work in unmodified webpages. Yes, it wouldn't be transparent to unmodified documents. This isn't the only way in which a document may have its context meaningfully changed by transitioning from being embedded to not, so we're still contemplating whether content should have to opt-in to being loaded in a portal context (which reduces surprise, since it gives a signal that authors have given some thought to the consequences), or opt-out (for reasons similar to frames, content must be able to refuse to be embedded). > Remaining stuck on the partitioned storage is also a privacy risk, because it would give what appears to be a top level page access to a partitioned storage in a particular domain. A site could rewrite itself to always use immediately activated portals to effectively gain cross-site tracking capability. I admit I don't really understand how what you're proposing here would allow pervasive tracking, but if so, having the UA choose to provide no storage access instead of partitioned storage in such cases seems like a viable approach to me. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3ctag/design-reviews/issues/331#issuecomment-463411899
Received on Wednesday, 13 February 2019 23:04:37 UTC