Skip to content

Commit

Permalink
Merge pull request #20 from privacycg/shared-workers
Browse files Browse the repository at this point in the history
Add SharedWorkers to spec
  • Loading branch information
johannhof authored Mar 19, 2024
2 parents cf22ecd + acdc87f commit 2ac0b59
Showing 1 changed file with 40 additions and 3 deletions.
43 changes: 40 additions & 3 deletions spec.bs
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,8 @@ spec: html; urlPrefix: https://html.spec.whatwg.org/
text: localStorage; url: #dom-localstorage
text: broadcast channel; url: #broadcasting-to-other-browsing-contexts
text: new broadcastchannel; url: #dom-broadcastchannel
text: shared workers; url: #shared-workers-and-the-sharedworker-interface
text: new sharedworker; url: #dom-sharedworker
spec: storage-access; urlPrefix: https://privacycg.github.io/storage-access/
type: dfn
for: environment
Expand Down Expand Up @@ -58,6 +60,9 @@ spec: file-api; urlPrefix: https://www.w3.org/TR/FileAPI/
text: file api; url:
text: createobjecturl; url: #dfn-createObjectURL
text: revokeobjecturl; url: #dfn-revokeObjectURL
spec: cookies; urlPrefix: https://httpwg.org/http-extensions/draft-ietf-httpbis-rfc6265bis.html
type: dfn
text: samesite; url:#name-the-samesite-attribute-2
</pre>

<pre class=biblio>
Expand Down Expand Up @@ -134,6 +139,7 @@ dictionary StorageAccessTypes {
boolean createObjectURL = false;
boolean revokeObjectURL = false;
boolean BroadcastChannel = false;
boolean SharedWorker = false;
};

interface StorageAccessHandle {
Expand All @@ -147,6 +153,7 @@ interface StorageAccessHandle {
DOMString createObjectURL((Blob or MediaSource) obj);
undefined revokeObjectURL(DOMString url);
BroadcastChannel BroadcastChannel(DOMString name);
SharedWorker SharedWorker(USVString scriptURL, optional (DOMString or SharedWorkerOptions) options = {});
};

partial interface Document {
Expand All @@ -169,7 +176,7 @@ For now {{Document/hasStorageAccess()}} is not considered deprecated, but that <
When invoked on {{Document}} |doc|, the <dfn export method for=Document><code>requestStorageAccess(types)</code></dfn> method must run these steps:

1. Let |p| be [=a new promise=].
1. If |types|.{{StorageAccessTypes/all}} is `false` and |types|.{{StorageAccessTypes/cookies}} is `false` and |types|.{{StorageAccessTypes/sessionStorage}} is `false` and |types|.{{StorageAccessTypes/localStorage}} is `false` and |types|.{{StorageAccessTypes/indexedDB}} is `false` and |types|.{{StorageAccessTypes/locks}} is `false` and |types|.{{StorageAccessTypes/caches}} is `false` and |types|.{{StorageAccessTypes/getDirectory}} is `false` and |types|.{{StorageAccessTypes/estimate}} is `false` and |types|.{{StorageAccessTypes/createObjectURL}} is `false` and |types|.{{StorageAccessTypes/revokeObjectURL}} is `false` and |types|.{{StorageAccessTypes/BroadcastChannel}} is `false`:
1. If |types|.{{StorageAccessTypes/all}} is `false` and |types|.{{StorageAccessTypes/cookies}} is `false` and |types|.{{StorageAccessTypes/sessionStorage}} is `false` and |types|.{{StorageAccessTypes/localStorage}} is `false` and |types|.{{StorageAccessTypes/indexedDB}} is `false` and |types|.{{StorageAccessTypes/locks}} is `false` and |types|.{{StorageAccessTypes/caches}} is `false` and |types|.{{StorageAccessTypes/getDirectory}} is `false` and |types|.{{StorageAccessTypes/estimate}} is `false` and |types|.{{StorageAccessTypes/createObjectURL}} is `false` and |types|.{{StorageAccessTypes/revokeObjectURL}} is `false` and |types|.{{StorageAccessTypes/BroadcastChannel}} is `false` and |types|.{{StorageAccessTypes/SharedWorker}} is `false`:
1. [=/Reject=] |p| with an "{{InvalidStateError}}" {{DOMException}}.
1. Return |p|.
1. Let |requestUnpartitionedCookieAccess| be `true` if |types|.{{StorageAccessTypes/all}} is `true` or |types|.{{StorageAccessTypes/cookies}} is `true`, and `false` otherwise.
Expand Down Expand Up @@ -289,9 +296,39 @@ When invoked on {{StorageAccessHandle}} |handle| with {{StorageAccessTypes}} |ty
1. Throw an "{{InvalidStateError}}" {{DOMException}}.
1. Return the invocation of [=new BroadcastChannel=] with |name|.

<h4 id="shared-worker">Shared Worker</h4>
<h4 id="shared-worker">[=Shared Workers=]</h4>

Modify [=Shared Workers=] to define the following:

<pre class="idl">
enum SameSiteCookiesType { "all", "none" };

dictionary SharedWorkerOptions : WorkerOptions {
SameSiteCookiesType sameSiteCookies;
};
</pre>

The default {{SharedWorkerOptions/sameSiteCookies}} is {{SameSiteCookiesType/all}} in [=first-party-site context=] and {{SameSiteCookiesType/none}} otherwise.

Modify [=new SharedWorker=] to accept {{SharedWorkerOptions}} instead of {{WorkerOptions}}.

TBD
Modify [=new SharedWorker=] to add a new step below step 1 as follows:

2. If |options|.{{SharedWorkerOptions/sameSiteCookies}} is {{SameSiteCookiesType/all}} and {{Window}}'s [=associated document=] is not [=first-party-site context=], then:
1. Throw an "{{InvalidStateError}}" {{DOMException}}.

Note:
The {{SameSiteCookiesType}} is used to influence which cookies are sent or read during [=fetch=] based on the [=SameSite=] cookie attribute.
{{SameSiteCookiesType/all}} is only available in [=first-party-site context=] and permits [=SameSite=] "None", "Lax", and "Strict" cookies to be included (if not blocked for some other reason).
{{SameSiteCookiesType/none}} is available in any context and permits only [=SameSite=] "None" cookies to be included (if not blocked for some other reason).

Issue(21): Clarify SharedWorker usage of {{SharedWorkerOptions/sameSiteCookies}} in more detail.

When invoked on {{StorageAccessHandle}} |handle| with {{StorageAccessTypes}} |types|, {{USVString}} |scriptURL|, and {{DOMString}} or {{SharedWorkerOptions}} |options|, the <dfn export method for=StorageAccessHandle><code>SharedWorker(scriptURL, options)</code></dfn> method must run these steps:

1. If |types|.{{StorageAccessTypes/all}} is `false` and |types|.{{StorageAccessTypes/SharedWorker}} is `false`:
1. Throw an "{{InvalidStateError}}" {{DOMException}}.
1. Return the invocation of [=new SharedWorker=] with |scriptURL| and |options|.

<h2 id="privacy">Security & Privacy considerations</h2>

Expand Down

0 comments on commit 2ac0b59

Please sign in to comment.