Embedded Analytics scenario (A - B - A) #9

Open
petipp opened this issue Mar 9, 2024 · 0 comments

petipp commented Mar 9, 2024

We have an analytics product that accesses data sources directly from the browser via CORS Fetch/XHR requests.
This analytics product has scenarios in which it is embedded in another application.

When the analytics product then queries the business application (as the data source) it results in an "A - B - A" deployment:

  1. The business application UI (A)
  2. opens the analytics product in an iframe (B)
  3. which accesses the business data via CORS Fetch/XHR requests to the business application server (A)

UI Embedding (A => B)
The analytics product is authenticated via SAML redirects to a common identity provider (with the assumption that the identity provider within the iframe will find its first party cookies, via requestStorageAccess if necessary).

Data Access (B => A)
For data access, the analytics product may open a pop-up against the business application to ensure that there is a session with the target system. In the embedded case, the pop-up can be omitted, or will immediately close due to the fact that A already has a valid first-party session cookie.

Then the actual data access happens via Fetch/XHR using CORS with Access-Control-Allow-Credentials. This expects that the first party session cookie (from the top-level business application) can be accessed from this third party context.

Discussion of Privacy Sandbox features

  • Partitioning the Business Application's cookies will break the data access. Even using mechanisms to propagate the authentication information into the partitioned context, it still results in two active sessions with the business application within one user workflow.
  • Storage Access API requires an unauthenticated document hosted by A and injected into an iframe within B. This is not trivial to implement due to the large number of business applications that would need to be revised. On top of that, the storage access request only applies to the iframe itself and not to any CORS requests made from B.
  • The storage access headers proposal does seem promising for this case, but it would need to lower overhead and ideally the storage access should be auto-granted given the fact that the same domain is at the top-level.
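
The following is an added example, not part of the original issue or of any project code: a sketch of what server A must return for the "Data Access (B => A)" step to work with `Access-Control-Allow-Credentials`. The origin `https://analytics.example`, the cookie name `sid` and the function names are assumptions made for illustration.

```javascript
// Added example: server A's half of the credentialed CORS exchange (B => A).
// The origin and the cookie name "sid" are constructed placeholders.
const ALLOWED_ORIGINS = new Set(["https://analytics.example"]); // B (assumed)
const ALLOWED_METHODS = ["GET", "POST"];
const ALLOWED_HEADERS = ["content-type"];

// Computes the CORS decision for one request to A.
// req: { method, headers } with lower-cased header names.
function corsForRequest(req) {
  const origin = req.headers["origin"];
  // Vary: Origin keeps caches from replaying one origin's grant to another.
  const headers = { Vary: "Origin" };
  const isPreflight =
    req.method === "OPTIONS" && "access-control-request-method" in req.headers;

  // No Origin header or unknown origin: send no Access-Control-* headers,
  // so the browser withholds the response from the calling script.
  if (!origin || !ALLOWED_ORIGINS.has(origin)) {
    return { allowed: false, status: isPreflight ? 403 : null, headers };
  }
  if (isPreflight) {
    const wanted = req.headers["access-control-request-method"];
    if (!ALLOWED_METHODS.includes(wanted)) {
      return { allowed: false, status: 403, headers };
    }
    headers["Access-Control-Allow-Methods"] = ALLOWED_METHODS.join(", ");
    headers["Access-Control-Allow-Headers"] = ALLOWED_HEADERS.join(", ");
  }
  // Credentialed responses must echo the exact origin; browsers reject "*"
  // when Access-Control-Allow-Credentials is true.
  headers["Access-Control-Allow-Origin"] = origin;
  headers["Access-Control-Allow-Credentials"] = "true";
  return { allowed: true, status: isPreflight ? 204 : null, headers };
}

// Session cookie that is eligible for cross-site requests at all:
// SameSite=None requires Secure. Whether the browser attaches it from B's
// iframe still depends on its third-party cookie policy.
function sessionCookie(value) {
  return `sid=${value}; Path=/; Secure; HttpOnly; SameSite=None`;
}
```

On the B side the request has to be issued with `fetch(url, { credentials: "include" })` (or `withCredentials = true` for XHR) for the cookie to be considered at all.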