As far as I’ve been able to tell, there’s no way to achieve that “silently” (and that’s sort of the point of the privacy policy, unfortunately). You’ll need some sort of login / “connect to service” button. It’s frustrating.
There’s a carve-out for popup windows, so once the user’s interacted with the first-party domain once, you can “login” by opening a popup window to the first-party domain, fetching the credential, posting it back to the opener, and closing. Need interaction to open a popup, though.
It’s a shame that the requestStorageAccess confirmation UI is so hostile. I’m trying to use it for “good” purposes, but if I were a user I’d find that messaging quite sketchy!
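
The popup handoff described in the comment above, as an added example that is not part of the original post: the embedded frame opens the popup from a click and accepts the credential only from that popup, at the expected origin, with a matching nonce. The origin `https://service.example`, the `/popup-login` path, the message fields and all function names are assumptions, as is the embedded frame and the popup sharing one origin.

```javascript
// Added example, not code from the post. The origin, path and message fields
// are assumptions; the embedded frame and the popup are both assumed to be
// served from SERVICE_ORIGIN (the "first-party domain").
const SERVICE_ORIGIN = "https://service.example";

function makeNonce(win) {
  const bytes = win.crypto.getRandomValues(new Uint8Array(16));
  return Array.from(bytes, (b) => b.toString(16).padStart(2, "0")).join("");
}

// Accept only a message from the popup we opened, at the expected origin,
// that echoes this attempt's nonce. Anything else is ignored (returns null).
function acceptCredentialMessage(event, popup, nonce) {
  if (event.origin !== SERVICE_ORIGIN || event.source !== popup) return null;
  const d = event.data;
  if (!d || d.type !== "credential" || d.nonce !== nonce) return null;
  return typeof d.credential === "string" ? d.credential : null;
}

// Embedded-frame side. Call from a click handler: opening a popup needs a
// user gesture, which is the login button the post describes.
function loginViaPopup(win, timeoutMs = 60000) {
  return new Promise((resolve, reject) => {
    const nonce = makeNonce(win);
    const popup = win.open(`${SERVICE_ORIGIN}/popup-login#${nonce}`, "_blank", "popup");
    if (!popup) return reject(new Error("popup blocked"));
    const finish = (err, cred) => {
      win.clearTimeout(timer);
      win.removeEventListener("message", onMessage);
      if (err) reject(err); else resolve(cred);
    };
    const onMessage = (event) => {
      const cred = acceptCredentialMessage(event, popup, nonce);
      if (cred !== null) finish(null, cred);
    };
    const timer = win.setTimeout(() => finish(new Error("login timed out")), timeoutMs);
    win.addEventListener("message", onMessage);
  });
}

// Popup side, running top-level on SERVICE_ORIGIN after it has fetched the
// credential. The explicit targetOrigin keeps it from reaching any other page.
function postCredentialToOpener(win, credential) {
  if (!win.opener) return false;
  const nonce = win.location.hash.slice(1);
  win.opener.postMessage({ type: "credential", nonce, credential }, SERVICE_ORIGIN);
  win.close();
  return true;
}
```

In a browser, pass `window` as `win` on both sides; the parameter exists so the logic can be exercised outside a page.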