github web-platform-tests/wpt merge_pr_46233

latest releases: merge_pr_49470, epochs/three_hourly/2024-12-03_06H, epochs/six_hourly/2024-12-03_06H...
7 months ago

Shared Storage: Allow writes from headers in all sandboxed frames

Previously, writing to shared storage via response headers by way of
a fetch or image request would work inside a sandboxed iframe only if
the iframe had sandbox flag "allow-same-origin". We remove this
unnecessary restriction by correcting the origin used for the
opaqueness check for sharedStorageWritable image and fetch requests:
instead of checking the environment's origin for opaqueness, we now
check the request's origin for opaqueness in order to determine
eligibility for the 'Sec-Shared-Storage-Writable' request header.

See WICG/shared-storage#155 for the related
specification fix.

Bug: 339172115
Change-Id: Ia3d048c8441bb99ea48d3943c55fe83c943bcadf
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5527770
Reviewed-by: Nate Chapin japhet@chromium.org
Reviewed-by: Yao Xiao yaoxia@chromium.org
Commit-Queue: Cammie Smith Barnes cammie@chromium.org
Cr-Commit-Position: refs/heads/main@{#1303509}

Don't miss a new wpt release

NewReleases is sending notifications on new releases.