Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Clear-Site-Data #209

Open
jeremyroman opened this issue Jun 11, 2020 · 1 comment
Open

Clear-Site-Data #209

jeremyroman opened this issue Jun 11, 2020 · 1 comment
Labels
design work needed An acknowledged gap in the proposal that needs design work to resolve

Comments

@jeremyroman
Copy link
Collaborator

When, if ever, should a Clear-Site-Data header sent with a portal contents be applied? The obvious choice would seem to be on activation, but I'm not sure whether this is best.
@jeremyroman jeremyroman added the design work needed An acknowledged gap in the proposal that needs design work to resolve label Jun 11, 2020
@jakearchibald
Copy link
Collaborator

jakearchibald commented Jun 17, 2020
edited
Loading

I think it should behave the same as it would within a partitioned iframe. There's some discussion of this over at privacycg/storage-partitioning#11.

Seems weird if Clear-Site-Data in a portal behaved differently to Set-Cookie, so I think Clear-Site-Data should apply immediately, which may mean it applies to partitioned storage.

If the Clear-Site-Data was in response to a request with partitioned cookies, it feels like the clearing should apply to the partition (assuming that's where privacycg/storage-partitioning#11 lands).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
design work needed An acknowledged gap in the proposal that needs design work to resolve
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jakearchibald @jeremyroman