-
Notifications
You must be signed in to change notification settings - Fork 25
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Writing to Shared Storage via response headers #126
Comments
Hello and thanks so much for testing this new feature! You'll need to use For example:
|
Thank you @pythagoraskitty |
Hello @pythagoraskitty . I'm trying out this feature, but unfortunately it seams to not working for me. In my setup I'm using chrome version: 120.0.6099.71, and for testing purpose an express server to set corresponding headers into response. What i'm missing from the request header is the |
Yes, when the server receives the request, it should have the request header "Sec-Shared-Storage-Writable: ?1", if opted in correctly and with permissions that allow it, and if shared storage is enabled (it should be enabled by default). Can you please tell me how you are making the request? Have you double-checked that your permissions policy allows shared storage for the origin of the request? Also, how are you checking for the request header? JavaScript on the client will not be able to see it because it's a forbidden header; only the server should be able to see it. Have you confirmed that the server cannot see it? Any further details you can give me to assist you in debugging would be appreciated. Thank you. |
Thank you for your response. How should i check that permission policy is allowed ? Do you mean that when the page is send back should i put it on the response headers like this: This is the sample express endpoint which I'm using:
And this is the request which I made :
I'm checking in dev-tools to see if on the request the "Sec-Shared-Storage-Writable" is present, should be this visible there? On the server also the header is not visible. Thank you. |
Is your It's possible that You can check permissions policy through: The "Sec-Shared-Storage-Writable" request header will only be added if the request opts in (e.g. by including I believe that the "Sec-Shared-Storage-Writable" request header should be visible to DevTools if it has been added. It definitely should be visible to the server. So it sounds like in your case it's not being added, which means there is most likely a permissions policy issue, or else you're trying to make the fetch request from a service worker (where shared storage response headers aren't supported). Or there is a chance that your browser doesn't have shared storage enabled, so you should double check that. |
Unfortunately the response headers did not ship by default as intended with 119 due to a bug in enabling them by default. They are now enabled by default in 124, but have to be manually enabled via command line in milestones 119 to 123. If you are still running into issues with testing them, then please use Chrome 124+ or else Chrome 119+ with Let us know if you run into further trouble while testing after making these adjustments. Thank you. |
Hello @pythagoraskitty and thanks for your suggestions. I tried in this morning with Chrome 123 with that feature flag enabled, and it is not working, but with version 124 from Chrome Dev, shared storage keys are set based on headers values. |
Here is a demo that may help with troubleshooting for 123 with the feature enabled. In particular, for your test setup, are you overriding the attestation requirement, or is the site you are testing already attested? If you are overriding the attestation, you may find that, by launching from the command line, you need to update your overrides again, and this may be why the headers are failing (i.e. the site is seen as not attested). Does DevTools console give you any error message when trying to send the headers? |
As described here https://github.com/WICG/shared-storage#writing-to-shared-storage-via-response-headers
I'm trying to set shared storage using via response headers.
var x = new XMLHttpRequest();
x.setRequestHeader("sharedStorageWritable", "true");
and so on...
The origin send Sharedstoragewritable in the request header with value true
The response header contains the Shared-Storage-Write but nothing is written into origin shared storage.
I do not see the Sec-Shared-Storage-Writable in the request header as I would expected.
I did a test also on same domain to avoid any permissions checks issues.
The text was updated successfully, but these errors were encountered: