Update spec for cookie partition keys and partitioned storage keys #78
Conversation
There was a problem hiding this comment.
This looks good enough from a spec point of view, but I'd also like @bvandersloot-mozilla to confirm that this fixes his bug report.
There was a problem hiding this comment.
So, I think overall, the way we'd rather do this in the future is to expose some interface for this in the cookies RFC (which defines the cookie store) as web platform specs don't necessarily have direct introspection into the cookie store. @annevk any thoughts?
With that said, I acknowledge that we're not fully there yet and so I'm okay with this as I think it's sketching out the correct steps. We can add this to the list for cookie layering work...
|
I think this PR also needs to specify the deletion of partitioned non-cookie storage. If non-cookie storage partitioning is not specified adequately yet we should at least add a note indicating that is the intent. |
svendlarsen
changed the title
|
It seems like we've reached agreement on this change, at least given the current state of related spec/standard changes. I'm going to merge; please note any new concerns by filing an issue. Thanks all for your input! |
|
I think you need to drop the phantom link to the top-level site for the partition key. Getting this failure on trying to submit:
|
SHA: 1fa286a Reason: push, by wanderview Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
…rivacycg#78) * Specify handling of partitioned cookies in deletion * Add refs for paritioned cookies and domain attribute * Correct partition key matching description * Rename cookie clearing algorithm for clarity * Revert "Rename cookie clearing algorithm for clarity" This reverts commit 045d4bd. * Document host precondition in cookie-clearing algorithm * Handle non-site info in cookie partition keys * Add dfn links for `continue` * Handle partitioned non-cookie storage in deletion * Drop phantom link to storage key top-level site
…rivacycg#78) * Specify handling of partitioned cookies in deletion * Add refs for paritioned cookies and domain attribute * Correct partition key matching description * Rename cookie clearing algorithm for clarity * Revert "Rename cookie clearing algorithm for clarity" This reverts commit 045d4bd. * Document host precondition in cookie-clearing algorithm * Handle non-site info in cookie partition keys * Add dfn links for `continue` * Handle partitioned non-cookie storage in deletion * Drop phantom link to storage key top-level site
…rivacycg#78) * Specify handling of partitioned cookies in deletion * Add refs for paritioned cookies and domain attribute * Correct partition key matching description * Rename cookie clearing algorithm for clarity * Revert "Rename cookie clearing algorithm for clarity" This reverts commit 045d4bd. * Document host precondition in cookie-clearing algorithm * Handle non-site info in cookie partition keys * Add dfn links for `continue` * Handle partitioned non-cookie storage in deletion * Drop phantom link to storage key top-level site
Namely, when deleting cookies for a host:
And change non-cookie storage deletion:
Fixes #75.
Preview | Diff