Summary Service Workers are currently disabled in a third-party context when dFPI (State Partitioning <https://hacks.mozilla.org/2021/02/introducing-state-partitioning/>) is enabled. This behavior was initially chosen because we had not observed sites relying on third-party service workers and it was good for privacy protection. With Bug 1725216, we see that there is a demand for third-party service workers. To resolve this issue, we will enable partitioned third-party service workers in dFPI.
In dFPI, third-party iframes will first get partitioned storage until storage access has been granted to the third party. After that, the third party will have access to its first-party storage. However, this won’t apply to partitioned Service Workers, which will remain partitioned even when storage access is granted, following recent research <https://www.ndss-symposium.org/ndss-paper/awakening-the-webs-sleeper-agents-misusing-service-workers-for-privacy-leakage/> on potential privacy leakage through embedded unpartitioned Service Workers Note that this change won’t affect the first-party Service Workers. And we will first only enable this in Nightly. We are targeting enabling this in Nightly 96. Standard https://github.com/privacycg/storage-partitioning Bug Bug 1730885 <https://bugzilla.mozilla.org/show_bug.cgi?id=1730885> Platform coverage All Preference privacy.partition.serviceWorkers DevTools bug N/A Other browsers Safari has already implemented permanently partitioned third-party Service Workers. Chrome hasn’t implemented this yet, but has plans to partition all its storage APIs, including Service Workers. Web-platform-tests N/A -- Tim Huang Mozilla email:[email protected] -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-platform/CAFjL7MK9KcbtoZj_z-A48fkfaFS5Go%2BNGc%2BpY42DsOpEUbOxXw%40mail.gmail.com.
