Replace origin with storage key for BroadcastChannel partitioning

This updates the BroadcastChannel specification to have storage keys be used instead of origins when determining which browsing contexts should be able to have BroadcastChannel messages sent and received from them. Today, a storage key only consists of an origin, but it will likely soon include the top-level origin as well. Only using origin enables certain forms of cross-site tracking. For more details, see https://privacycg.github.io/storage-partitioning/. This helps with #5803, but does not yet close it since storage keys do not yet contain more than just the origin.
whatwg · Feb 15, 2022 · b3a49bc · b3a49bc
1 parent 5b01d31
commit b3a49bc
Showing 1 changed file with 9 additions and 3 deletions.
diff --git a/source b/source
@@ -4126,6 +4126,8 @@ a.setAttribute('href', 'https://example.com/'); // change the content attribute
     <ul class="brief">
      <li><dfn data-x-href="https://storage.spec.whatwg.org/#obtain-a-local-storage-bottle-map">obtain a local storage bottle map</dfn></li>
      <li><dfn data-x-href="https://storage.spec.whatwg.org/#obtain-a-session-storage-bottle-map">obtain a session storage bottle map</dfn></li>
+     <li><dfn data-x-href="https://storage.spec.whatwg.org/#obtain-a-storage-key-for-non-storage-purposes">obtain a storage key for non-storage purposes</dfn></li>
+     <li><dfn data-x-href="https://storage.spec.whatwg.org/#storage-key-equal">storage key equal</dfn></li>
      <li><dfn data-x-href="https://storage.spec.whatwg.org/#storage-proxy-map">storage proxy map</dfn></li>
      <li><dfn data-x-href="https://storage.spec.whatwg.org/#legacy-clone-a-browsing-session-storage-shed">legacy-clone a browsing session storage shed</dfn></li>
     </ul>
@@ -102499,16 +102501,20 @@ interface <dfn interface>BroadcastChannel</dfn> : <span>EventTarget</span> {
    <li><p>Let <var>sourceOrigin</var> be <span>this</span>'s <span>relevant settings object</span>'s
    <span data-x="concept-settings-object-origin">origin</span>.</p></li>
 
+   <li><p>Let <var>sourceStorageKey</var> be the result of running <span>obtain a storage key for
+   non-storage purposes</span> with <span>this</span>'s <span>relevant settings
+   object</span>.</p></li>
+
    <li>
     <p>Let <var>destinations</var> be a list of <code>BroadcastChannel</code> objects that
     match the following criteria:</p>
 
     <ul>
      <li><p>They are <span>eligible for messaging</span>.</p></li>
 
-     <li><p>Their <span>relevant settings object</span>'s <span
-     data-x="concept-settings-object-origin">origin</span> is <span>same origin</span> with
-     <var>sourceOrigin</var>.</p></li>
+     <li><p>The result of running <span>obtain a storage key for non-storage purposes</span> with
+     their <span>relevant settings object</span> <span data-x="storage key equal">equals</span>
+     <var>sourceStorageKey</var>.</p></li>
 
      <li><p>Their <span>channel name</span> <span>is</span> <span>this</span>'s <span>channel
      name</span>.</p></li>