Storage Partitioning Breaks CHAPI #39
Comments
|
Thanks for reporting this. It looks like we'll need to switch Chrome over to using the popup mechanism that other browsers use. Unfortunately, there doesn't seem to be an easy way to feature detect this -- so we'll just switch things over. People may lose their wallet registrations and have to register again, but that should be a one time thing. |
|
We now use the popup mechanism as of the 6.0.0 release of the mediator: Consequently, this is not so much "fixed" as "acknowledged as an unavoidable reality" and things now work the same across all similar environments. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Google has started rolling out Storage Partitioning, and it caused an odd headache for me that completely broke CHAPI.
Because of Storage Partitioning,
authn.iosuddenly had different localStorage partitions in different CHAPI sites, meaning if I registered a wallet at https://learncard.app, then tried to issue a VC into it at https://vcplayground.org, when VC Playground opensauthn.io, it has no idea that I've registered over at LearnCard. Even worse, if I select LearnCard from the suggested list,https://learncard.appnow also has its ownlocalStoragepartition in the embedded iframe, meaning I am now completely logged out!I was able to fix this by going to
chrome://flagsand explicitly disabling Experimental third-party storage partitioning.If I understand correctly, opening authn.io/the embedded site in a popup will defeat this, since those become the top level site in the popup, but this is currently not happening, and is leading to a very broken, confusing experience =/
The text was updated successfully, but these errors were encountered: