tokono.ma
See index page for more context.
State partitioning makes using applets cross origin difficult. The way around this is by using the storage-access api. If you use an applet from domain B on domain A, the applet from domain B needs to use the unpartitioned storage handle to manage storage. Additionally, domain A needs to include UI from domain B through an iframe to trigger that storage permission request (a permission popup by the browser).
Since all important state is synced via the output applets, it's only the output applets that need to deal with this unpartitioned state stuff.
To do:
- Output configurator and local state in specific output applets (eg. indexedDB one) needs to use the unpartitioned storage handle.
- Somehow trigger permission request without being annoying. It only needs to be done once per domain, so nothing too crazy. Could make a page specifically to acquire this permission, ie. to be used in an iframe on another domain.
That said, if you host the output applets on the same domain of your theme (or whatever consumes said applets), then I guess this isn't an issue.
https://github.com/privacycg/storage-access