Can web apps leverage First Party Sets for their app scope? #145
Comments
|
Thanks for the idea, @alancutter. This sounds similar to the proposal in #46, could you confirm? If yes, may we continue the discussion on that issue? |
|
That's on a specific concern with integrating the two, I would like to get thoughts on the high level idea of whether they are overlapping. My current read of it (in discussion with @mgiuca) is that First Party Sets is highly concerned about data sharing between origins because of the risk of internet wide user tracking. To mitigate this risk FPS is going to use a curated global list of internet properties to limit sets of origins from sprawling out of control. For web app scope_extensions the multi origin associations will not facilitate data sharing and doesn't come with the same tracking risks, just different UX treatment. For this reason it is okay for scope_extensions to not use a centralised list and instead allow origins to mutually associated each other via Does this high level take sound reasonable? |
Web apps are sites that can be installed on a user's device appearing similar to a native app. As a safety mechanism the user the user agent shows warning UI when they navigate outside of the app's URL scope while in a web app window.
Example: Navigating to https://google.com in the Twitter web app.
Currently a web app's URL scope is tied to a single origin which is a problem for sites that span multiple origins.
There is an existing effort to extend web app scopes multi origin via a scope_extensions manifest field.
Do you think First Party Sets could serve the web app multi origin scope use case and dedup much of this effort?
The text was updated successfully, but these errors were encountered: