-
Notifications
You must be signed in to change notification settings - Fork 62
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Should deviceId be partitioned by top level origin and document origin #598
Comments
Firefox used to use double keying (top level & document) for permissions. The spec was written to permit both patterns to be conformant. I believe double keying has been abandoned by all - instead, we changed the default delegation to cross-origin iframes to "block" - one has to explicitly delegate permissions to an iframe if you want it to be able to use the invoker's permissisons. I'm not sure I understand the implications of double keying on device ID - would that mean that a conferencing app that opened in an iframe on multiple sites would be unable to store device IDs between sessions on different top level origins? |
Agreed for permissions. WebKit is requesting decision on behalf of the top level origin, which is the one the user is most aware of. For device ID, that would mean that a conferencing app opened in an iframe on multiple sites would see different device IDs for the same device. This makes most sense if you partition other storages like IDB. Ideally, a partitioning concept would be defined for HTTP cache and other storages and we would just need to adopt it in this spec. I filed this issue to not forget about it and since we are touching deviceId definition in #587. |
At the moment, no change in the spec seems required. |
Repurposing the "Icebox" label for things that we might want to look at sooner or later due to things changing in the larger Web environment, but no change to spec needed at this time. |
Since this was re-raised by PING at TPAC 2019, and the resolution of the group seemed to be that this change was warranted, I'm taking "icebox" off again. The relevant (proposed) privacy principle is here: https://github.com/michaelkleber/privacy-model#identity-is-partitioned-by-first-party-site |
WebKit is currently partitioning deviceId by top level origin and document origin to prevent tracking. On going work is done to define such kind of partitioning for the HTTP cache and there are thoughts to extend it to other types of storage like service workers and IDB.
The text was updated successfully, but these errors were encountered: