Skip to content

Disable prompting in third parties #87

New issue
New issue
Open
Open
Disable prompting in third parties#87
Labels
privacy-trackerGroup bringing to attention of Privacy, or tracked by the Privacy Group but not needing response.security-trackerGroup bringing to attention of security, or tracked by the security Group but not needing response.security/privacyThere are security or privacy implications
@annevk

Description

@annevk
annevk
opened on May 2, 2020

In Firefox we disabled the capability for a third-party to prompt for the persistent storage permission.

Doing this helps with https://privacycg.github.io/storage-partitioning/ and also helps reduce the number of prompts where the third-party is shown.

(Delegation through the allow="" attribute does not work, unless we reinterpret that as the first-party sharing its storage area, but that should probably be its own issue if there's interest in that kind of thing.)

This would be easy to add by adding a check for origin != top-level origin in the relevant places. Is there interest from Chrome?

cc @inexorabletash

Metadata

Metadata

Assignees

No one assigned

    Labels

    privacy-trackerGroup bringing to attention of Privacy, or tracked by the Privacy Group but not needing response.security-trackerGroup bringing to attention of security, or tracked by the security Group but not needing response.security/privacyThere are security or privacy implications

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions