Contact emails kaustub...@google.com, johann...@google.com, cfred...@google.com
Explainer https://github.com/WICG/first-party-sets Specification TBD. Summary First-Party Sets (FPS) is a web platform mechanism, proposed within the context of browser efforts to phase out support for third-party cookies, through which authors of multi-site properties may declare relationships between sites such that the browser may understand the relationships and handle cookie access accordingly. The First-Party Sets proposal has undergone some changes since we sent the previous Intents. In particular: - We have introduced the notion of "subsets" to categorize set member domains, allow the UA to handle them differently, and impose different requirements according to their declared type. - We have abandoned the SameParty cookie attribute. - We have adopted the Storage Access API as a means for sites within a First-Party Set to request cross-site cookie access. - We have proposed a new API, tentatively called requestStorageAccessForOrigin, to allow top-level sites to request cross-site cookie access on behalf of an embedded context within the same First-Party Set. FPS is ready for developer trials starting in Chrome M108. Instructions for testing can be found here <https://developer.chrome.com/blog/first-party-sets-testing-instructions/>. Blink component Internals>Network>First-Party Sets <https://bugs.chromium.org/p/chromium/issues/list?q=component%3AInternals%3ENetwork%3EFirst-Party-Sets> TAG review Review <https://github.com/w3ctag/design-reviews/issues/342> (outdated, will request re-review) TAG review status Unsatisfied (outdated) Interoperability and Compatibility TBD Firefox: Requested position <https://github.com/mozilla/standards-positions/issues/350#issuecomment-1322689749> (position on older proposal here <https://github.com/mozilla/standards-positions/pull/360>) Safari: Requested position <https://github.com/WebKit/standards-positions/issues/93> (position on older proposal here <https://lists.webkit.org/pipermail/webkit-dev/2020-June/031227.html#:~:text=%3E%20We%20had%20previously%20started%20the,expressed%20support%20for%20the%20above%20proposal.&text=%3E%20Given%20these%20issues%2C%20I%20don%E2%80%99t,a%20suitable%20standards%20or%20incubation%20group> ) Web Developers: Positive <https://github.com/privacycg/meetings/blob/main/2020/telcons/12-10-minutes.md> position on older proposal, looking for updated feedback through testing Edge: Positive <https://github.com/privacycg/meetings/blob/main/2020/telcons/12-10-minutes.md#:~:text=Erik%3A%20Microsoft%20is%20generally%20supportive%20of%20the%20effort.> Goals for experimentation Gain developer feedback on Chrome’s implementation of the Storage Access API and requestStorageAccessForOrigin for First Party Sets. Ongoing technical constraints This API is available only when feature flags are turned on in the chrome://flag page. For full developer instructions, please refer to this post <https://developer.chrome.com/blog/first-party-sets-testing-instructions/>. Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, Chrome OS, Android, and Android WebView)? All with the exception of WebView (forthcoming, tracked here: https://crbug.com/1286070) Is this feature fully tested by web-platform-tests <https://chromium.googlesource.com/chromium/src/+/master/docs/testing/web_platform_tests.md> ? No. Since the feature depends on a list of related sites or “first-party sets” managed via a submission process <https://github.com/GoogleChrome/first-party-sets/blob/main/FPS-Submission_Guidelines.md>, testing this via web-platform-tests would require either that list of sets, or use of a hardcoded First-Party Set to which the test could refer. While other features on the web platform, such as the definition of “registrable domain <https://url.spec.whatwg.org/#ref-for-host-registrable-domain>” similarly depend on a list, WPT infrastructure does not support configuring such a list, as such configuration would inherently vary by browser. Tracking bug https://crbug.com/1117249 https://crbug.com/1175899 Link to entry on the Chrome Platform Status https://chromestatus.com/feature/5640066519007232 https://chromestatus.com/feature/5612590694662144 Links to previous Intent discussions https://groups.google.com/u/1/a/chromium.org/g/blink-dev/c/-unZxHbw8Pc/m/_23CsOkHAQAJ https://groups.google.com/u/1/a/chromium.org/g/blink-dev/c/XkWbQKrBzMg/m/OifyvdHOAQAJ https://groups.google.com/u/1/a/chromium.org/g/blink-dev/c/nNdY-qOScBc/m/tg3F73ijAAAJ -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/5d6f22bc-4958-4a82-b69e-500be4d3ed6an%40chromium.org.
