In the future, more browsers will implement State Partitioning.
This will prevent unpermissioned cross-site communication to prevent tracking without consent. This will also break our authentication flow, which uses an iframe on the App's site to retrieve the UCAN and read key from authentication.
This already affects users of FIrefox Nightly and Brave today.
Keep in mind that error messages mentioning "cross origin cookies" are related, even though we're not using what's traditionally understood as cookies. LocalStorage, SessionStorage, IndexedDB and Cookies are all ways of creating state in websites and in some error messages are treated under the "cookie" banner.
I've started a draft on what a in-the-mean-time solution, which would ask the user for permission, would look like in #85
In the future, more browsers will implement State Partitioning.
This will prevent unpermissioned cross-site communication to prevent tracking without consent. This will also break our authentication flow, which uses an iframe on the App's site to retrieve the UCAN and read key from authentication.
This already affects users of FIrefox Nightly and Brave today.
Keep in mind that error messages mentioning "cross origin cookies" are related, even though we're not using what's traditionally understood as cookies. LocalStorage, SessionStorage, IndexedDB and Cookies are all ways of creating state in websites and in some error messages are treated under the "cookie" banner.
I've started a draft on what a in-the-mean-time solution, which would ask the user for permission, would look like in #85