content
content copied to clipboard
mdn
Document.requestStorageAccess() article has incorrect conditions for granting storage access
MDN URL
https://developer.mozilla.org/en-US/docs/Web/API/Document/requestStorageAccess
What specific section or headline is this issue about?
Conditions for granting storage access
What information was incorrect, unhelpful, or incomplete?
Step 6 "If the sub frame is not sandboxed, skip to step 7." should probably say "skip to step 8". It seems that a new step was added and previously step 6 was a step 5.
What did you expect to see?
"If the sub frame is not sandboxed, skip to step 8." Or some other correct step number. Right now it makes no sense.
Do you have any supporting links, references, or citations?
https://github.com/mdn/content/blame/7bb3fdafca009b9a8daad04d16e8ba6f63c8a98e/files/en-us/web/api/document/requeststorageaccess/index.md
Do you have anything more you want to share?
No response
MDN metadata
Page report details
- Folder:
en-us/web/api/document/requeststorageaccess - MDN URL: https://developer.mozilla.org/en-US/docs/Web/API/Document/requestStorageAccess
- GitHub URL: https://github.com/mdn/content/blob/main/files/en-us/web/api/document/requeststorageaccess/index.md
- Last commit: https://github.com/mdn/content/commit/9b7a9bc69687b72851bc045bbbeeae5f5dabc788
- Document last modified: 2022-07-11T09:28:33.000Z
I have removed the "good first issue" (FYI @sideshowbarker) as IMO the job here is non trivial.
The page was written (as far as I can tell) based on https://webkit.org/blog/8124/introducing-storage-access-api/, which was based on an early draft. The current spec seems quite different. For example, item 2 is "If the document already has been granted access, resolve." but the spec does not appear to have this at all.
In addition there is a lot of information about sub frames "If the sub frame doesn't have the token allow-storage-access-by-user-activation, reject" which I can't verify - my limited understanding seems to indicate that this would be true, but there are other restrictions on sandboxing that aren't mentioned.
Upshot all of those steps really need to be unpicked. That would be faster for someone familiar with the spec, and would be hard for a first user.
IN addition, the text that follows the checks talks a lot about Firefox implementation and how long permissions are granted. I suspect that this is simply not covered by the spec so it is fine to have firefox implementation, but that should be split out more clearly from "spec behaviour".
@sideshowbarker I could take this on, but it will take me a while to get to. Is there someone with more experience in this area you could suggest I ask?
@sideshowbarker I could take this on, but it will take me a while to get to. Is there someone with more experience in this area you could suggest I ask?
Certainly @johnwilander, @johannhof, and @hober have the necessary familiarity with the spec…
IN addition, the text that follows the checks talks a lot about Firefox implementation and how long permissions are granted. I suspect that this is simply not covered by the spec so it is fine to have firefox implementation, but that should be split out more clearly from "spec behaviour".
Yeah I don’t think we can expect anybody else to work on that part — so in the interest of having a better chance to get somebody in to help with the parts that are documented what’s actually in the spec, it might make sense to first cleanly separate out the Firefox-specific parts (either into a separate section or even into a separate document).
