You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
how widely to apply to subresources (options include applying to the top-level doc only, keeping a per-document set of granted domains like the potential per-frame requestStorageAccess storage bit, applying to nested docs, etc.) (though protection via CORS + use-credentials is needed).
As we get clarity, the spec and explainer should both be kept up-to-date.
The text was updated successfully, but these errors were encountered:
There are a few open questions around the exact scope of the access granted by
requestStorageAccessForOrigin, like:requestStorageAccessbefore granting access to a frame (to align with the proposed per-framerequestStorageAccessmodel and ensure embeddee opt-in)requestStorageAccessstorage bit, applying to nested docs, etc.) (though protection via CORS +use-credentialsis needed).As we get clarity, the spec and explainer should both be kept up-to-date.
The text was updated successfully, but these errors were encountered: