Contact emails
ale...@chromium.org

Specification
https://patcg-individual-drafts.github.io/private-aggregation-api/#dom-privateaggregation-enabledebugmode

Summary
Currently, the availability of Private Aggregation’s debug mode is tied to a caller's eligibility to set a third-party cookie (see https://chromestatus.com/feature/5148973702840320). However, an edge case was missed in this logic: if the caller can only set a third-party cookie due to a top-level site exception (i.e. the user has generally disabled third-party cookies), this could allow access to information set from other sites that are not on the exception list. To avoid this issue, we plan to start ignoring these top-level site exceptions when determining the availability of Private Aggregation’s debug mode. (It is not possible in Chrome to generally enable third-party cookies but disable them on one site, so the inverse case doesn’t need to be considered.) This does not require a spec change. Note that this new behavior can reveal to the site that the user has generally disabled third-party cookies.

Blink component
Blink>PrivateAggregation <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EPrivateAggregation>

TAG review
https://github.com/w3ctag/design-reviews/issues/846 (We have not requested a signal for these changes specifically.)

TAG review status
Declined

Risks

Interoperability and Compatibility
enableDebugMode() will be silently ignored for callers in this particular scenario (like other cases where debug mode is not available). Note that this will not affect the page directly. So, this only affects the report(s) later sent to a .well-known address.

*Gecko*: No signal (https://github.com/mozilla/standards-positions/issues/805) We have not requested a signal for this change specifically. The Gecko position on Shared Storage (one of the ways Private Aggregation is exposed) is negative.

*WebKit*: No signal (https://github.com/WebKit/standards-positions/issues/189) We have not requested a signal for this change specifically.

*Web developers*: No signals

*Other signals*:

WebView application risks
Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications?
None

Debuggability
This slightly reduces the scope of the debug mode. However, other debugging pages, e.g. the internals page, will accurately reflect the debug mode state.

Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, ChromeOS, Android, and Android WebView)?
All but WebView

Is this feature fully tested by web-platform-tests <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md>?
No; this change does not modify the spec, so no WPTs change.

Flag name on about://flags
None

Finch feature name
PrivateAggregationDebugReportingIgnoreSiteExceptions

Requires code in //chrome?
False

Tracking bug
https://crbug.com/364318217

Launch bug
https://launch.corp.google.com/launch/4349008

Estimated milestones
Shipping on desktop 132
Shipping on Android 132

Anticipated spec changes
Open questions about a feature may be a source of future web compat or interop issues. Please list open issues (e.g. links to known github issues in the project for the feature specification) whose resolution may introduce web compat/interop risk (e.g., changing to naming or structure of the API in a non-backward-compatible way).
None

Link to entry on the Chrome Platform Status
https://chromestatus.com/feature/5077311532302336?gate=5175359327436800

This intent message was generated by Chrome Platform Status <https://chromestatus.com/>.