Contact emails aric...@chromium.org, johann...@google.com
Specification https://html.spec.whatwg.org/multipage/system-state.html#cookies Summary navigator.cookieEnabled <https://developer.mozilla.org/en-US/docs/Web/API/Navigator/cookieEnabled> currently indicates if “the user agent attempts to handle cookies” in a given context. A change in Chrome, shipping as part of third-party cookie deprecation (3PCD) <https://developers.google.com/privacy-sandbox/3pcd>, would cause it to indicate whether unpartitioned cookie access is possible (causing it to return false in most cross-site iframes). We should restore the prior behavior of navigator.cookieEnabled <https://developer.mozilla.org/en-US/docs/Web/API/Navigator/cookieEnabled> which indicated only if cookies were enabled/disabled for the site and rely on the cross-vendor function document.hasStorageAccess <https://developer.mozilla.org/en-US/docs/Web/API/Document/hasStorageAccess> to indicate if unpartitioned cookie access is possible. Blink component Internals>Network>Cookies <https://bugs.chromium.org/p/chromium/issues/list?q=component:Internals%3ENetwork%3ECookies> Motivation Divergence in the meaning <https://developer.mozilla.org/en-US/docs/Web/API/Navigator/cookieEnabled> of navigator.cookieEnabled will cause confusion as Chrome rolls out 3PCD. We have a window, before 3PCD ships, to restore prior behavior now that there is some amount of consensus <https://github.com/whatwg/html/issues/10256> between browser vendors on what navigator.cookieEnabled should indicate in third-party contexts. TAG review This is a minor change to align browsers on standardized behavior so we did not request TAG review. Compatibility Some websites adapting to Chrome’s 3PCD rollout <https://developers.google.com/privacy-sandbox/3pcd> may have used navigator.cookieEnabled as a proxy for document.hasStorageAccess, but we will start recommending the use of hasStorageAccess moving forward. To be clear, the behavior change is only web-observable in Chrome instances where third-party cookie blocking is turned on. Metrics on third-party context use <https://chromestatus.com/metrics/feature/timeline/popularity/4937> of navigator.cookieEnabled are being gathered in M125, but without 3PCD fully rolled out the impact should be minimal, especially where websites wish to support Safari (which already adopts the behavior we propose aligning with). Interoperability Safari is already aligned but Firefox mirrors current Chrome behavior. Gecko: Preliminary positive feedback. <https://github.com/whatwg/html/issues/10256#issuecomment-2049750772> We asked if they’d like us to file a standards position for this relatively minor change, and they said it’s not needed. WebKit: Shipping <https://developer.mozilla.org/en-US/docs/Web/API/Navigator/cookieEnabled> Web developers: No Signal Debuggability Access to cookies and unpartitioned cookies is visible in DevTools. Is this feature fully tested by web-platform-tests? Testing the effects of user-provided cookie settings on this function cannot be done in WPTs. Tracking bug https://crbug.com/335553590 Link to entry on the Chrome Platform Status https://chromestatus.com/feature/6227655153418240 -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAGpy5DLy9XBAFOyPdfRHE70nUStV0fAVWVSjL1xZDG7Mr4xnFQ%40mail.gmail.com.
