[Webkit-unassigned] [Bug 222240] [WebAuthn] Using WebAuthn within cross-origin iframe elements

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Oct 28 09:23:20 PDT 2021


https://bugs.webkit.org/show_bug.cgi?id=222240

John Wilander <wilander at apple.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |wilander at apple.com

--- Comment #3 from John Wilander <wilander at apple.com> ---
WebKit on Cocoa platforms (and possibly other platforms too) block cookies for cross-site resources by default. All other state and storage is partitioned per first-party site. Whatever this support entails must not regress the privacy protections we already have in place. One way of resolving this is to tie it to the Storage Access API.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20211028/98326732/attachment.htm>


More information about the webkit-unassigned mailing list