Let document.hasStorageAccess check whether the Document already has unpartitioned data access (#174)

This commit tries to make hSA match the description in the spec that “This specification defines a method to query whether or not a Document currently has access to its unpartitioned data (hasStorageAccess()) …” by including a check of whether the user agent allows the document to access unpartitioned data based on user settings.

Fixes #171

---------

Co-authored-by: Johann Hofmann <[email protected]>
shuranhuang and johannhof authored Aug 21, 2023
1 parent 69042e6 commit 139ef58
Showing 1 changed file with 27 additions and 6 deletions.
33 changes: 27 additions & 6 deletions storage-access.bs
Expand Up @@ -156,13 +156,34 @@ When invoked on {{Document}} |doc|, the <dfn export method for=Document><code>ha
1. If |doc|'s [=Document/origin=] is an [=opaque origin=], [=/resolve=] |p| with false and return |p|.
1. Let |global| be |doc|'s [=relevant global object=].
1. If |global| is not a [=secure context=], then [=/resolve=] |p| with false and return |p|.
1. If |doc|'s [=Document/browsing context=] is a [=top-level browsing context=], [=/resolve=] |p| with true and return |p|.
1. If the [=top-level origin=] of |doc|'s [=relevant settings object=] is an [=opaque origin=], [=/resolve=] |p| with false and return |p|.
1. If |doc| is same authority with |doc|'s [=Document/browsing context=]'s [=top-level browsing context=]'s [=active document=], [=/resolve=] |p| with true and return |p|.

ISSUE: "same authority" here is a placeholder for a future concept that allows user agents to perform [=same site=] checks while adhering to additional security aspects such as the presence of a cross-site parent document, see [whatwg/storage#142](https://github.com/whatwg/storage/issues/142#issuecomment-1122147159). In practice, this might involve comparing the [=site for cookies=] or performing a [=same site=] check with the top-level document.

1. [=Queue a global task=] on the [=permissions task source=] given |global| to [=/resolve=] |p| with |global|'s [=environment/has storage access=].
1. Let |browsingContext| be |doc|'s [=Document/browsing context=].
1. Let |topLevelSite| be the result of [=obtain a site|obtaining a site=] from the [=top-level origin=] of |doc|'s [=relevant settings object=].
1. Let |embeddedSite| be the result of [=obtain a site|obtaining a site=] from |doc|'s [=Document/origin=].
1. Run the following steps [=in parallel=]:
1. Let |whether the user agent explicitly allows unpartitioned cookie access| be an algorithm that, given a [=tuple=] |tuple| consisting of two [=sites=], runs the following steps. This algorithm returns "`none`", "`allow`" or "`disallow`".

Note: A user agent's settings might explicitly allow or disallow unpartitioned cookie access through per-site allow-lists, the user changing global browser settings, or similar custom overrides.

1. If the user agent does not have explicit settings for unpartitioned cookie access for |tuple|, return "`none`".
1. If the user agent's settings explicitly allow unpartitioned cookie access for |tuple|, return "`allow`".
1. If the user agent's settings explicitly disallow unpartitioned cookie access for |tuple|, return "`disallow`".
1. Let |explicitSetting| be the result of determining |whether the user agent explicitly allows unpartitioned cookie access| with (|topLevelSite|, |embeddedSite|).
1. [=Queue a global task=] on the [=permissions task source=] given |global| to:
1. If |explicitSetting| is "`disallow`", [=/resolve=] |p| with false.
1. If |explicitSetting| is "`allow`", [=/resolve=] |p| with true.
1. If |explicitSetting| is "`none`":
1. If |browsingContext| is a [=top-level browsing context=], [=/resolve=] |p| with true.
1. If |browsingContext| is same authority with |browsingContext|'s [=top-level browsing context=]'s [=active document=], [=/resolve=] |p| with true.

ISSUE: "same authority" here is a placeholder for a future concept that allows user agents to perform [=same site=] checks while adhering to additional security aspects such as the presence of a cross-site parent document, see [whatwg/storage#142](https://github.com/whatwg/storage/issues/142#issuecomment-1122147159). In practice, this might involve comparing the [=site for cookies=] or performing a [=same site=] check with the top-level document.

1. Let |permissionState| be the result of [=getting the current permission state=] given "<a permission><code>storage-access</code></a>" and |global|.
1. If |permissionState| is [=permission/granted=], [=/resolve=] |p| with |global|'s [=environment/has storage access=].

Note: The global storage access permission state takes precedence over the local [=environment/has storage access=] flag here, in order to immediately reflect a possible user choice to revoke the permission in their settings.

1. [=/Resolve=] |p| with false.
1. Return |p|.

When invoked on {{Document}} |doc|, the <dfn export method for=Document><code>requestStorageAccess()</code></dfn> method must run these steps:
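Review bot: The same-authority step in the "`none`" branch compares a browsing context with a document ("If |browsingContext| is same authority with |browsingContext|'s [=top-level browsing context=]'s [=active document=]"), whereas the step it replaces compared |doc| with that document; a browsing context has no origin or site of its own, so this should read "If |doc| is same authority with |browsingContext|'s [=top-level browsing context=]'s [=active document=]". Secondly, none of the resolve steps inside the queued task (from "If |explicitSetting| is "`disallow`", [=/resolve=] |p| with false." through the [=permission/granted=] step) abort the remaining steps, so the final unconditional "[=/Resolve=] |p| with false." is reached on every path and the algorithm only yields the right value because resolving an already-resolved promise is a no-op; ending each branch with "and abort these steps" (or chaining the branches with "Otherwise") would make the intended precedence, explicit setting first, then top-level or same authority, then permission state, explicit rather than implicit. Finally, the commit message should call out the behaviour change for top-level documents: the removed step resolved true for any [=top-level browsing context=] before anything else, while the new ordering resolves false for a top-level document whenever the user agent's settings explicitly disallow unpartitioned cookie access for (|topLevelSite|, |embeddedSite|).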
