I was recently chatting with John Wilander ( @johnwilander ) from the WebKit team at Apple about Safari ITP ( Intelligent Tracking Prevention ) and he mentioned something that has been really helpful:
Think of it as a per-page, per-frame thing
The Storage Request Access API has very specific conditions in relationship to ITP, and a whole section on when those permissions can be automatically removed. That part is worth extra attention:
Access Removal
Storage access is granted for the life of the document as long as the document’s frame is attached to the DOM. This means:
– Access is removed when the sub frame navigates.
– Access is removed when the sub frame is detached from the DOM.
– Access is removed when the top frame navigates.
– Access is removed when the webpage goes away, such as a tab close.
Not much wiggle room there.
The mental model of “Safari ITP: per-page, per-frame” sums it up nicely. Thank you @johnwilander.