就业培训     下载中心     Wiki     联络
登录   注册
  1. 首页
  2. Web API
  3. Document
  4. Document.requestStorageAccess()

在此页

requestStorageAccess() 方法在 Document interface returns a Promise that resolves if the access to first-party storage was granted, and rejects if access was denied.

Conditions for granting storage access

Storage access is granted based on a series of checks described here:

  1. If the document already has been granted access, resolve.
  2. If the document has a null origin, reject.
  3. If the document's frame is the main frame, resolve.
  4. If the sub frame's origin is equal to the main frame's, resolve.
  5. If the sub frame is not sandboxed, skip to step 7.
  6. If the sub frame doesn't have the token allow-storage-access-by-user-activation , reject.
  7. If the sub frame's parent frame is not the top frame, reject.
  8. If the browser is not processing a user gesture, reject.
  9. Check any additional rules that the browser has. Examples: allow lists, block lists, on-device classification, user settings, anti-clickjacking heuristics, or prompting the user for explicit permission. Reject if some rule is not fulfilled.
  10. Grant the document access to cookies and other site storage and store that fact for the purposes of future calls to Document.hasStorageAccess() and requestStorageAccess() .

Assuming all of the requirements above are satisfied, Firefox will automatically grant storage access to the requesting origin on up to a threshold number of first-party origins in the current session for the duration of user’s session, up to a maximum of 24 hours. After the requesting origin has exceeded the maximum allowable number of storage access grants, any future call to requestStorageAccess() during the same browsing session will prompt the user.

The maximum number of concurrent storage access grants an origin can obtain is a positive integer currently defined as one percent of the number of top-level origins visited in the current session or 5, whichever is higher. The threshold is enforced on the level of eTLD+1, so for example two storage access grants for foo.example.com and bar.example.com will only count as a single exception against the limit.

At the time of a requestStorageAccess() call, if the requesting origin has storage access to...

...fewer origins than the maximum:

  • The user is not prompted.
  • The origin is given an ephemeral storage access grant for the current top-level origin.
  • The number of origins the requesting origin has storage access to is incremented by one.
  • The ephemeral storage access grant is:
    • Invalidated at the end of the browser session.
    • Not persisted to disk (e.g. will not persist if the browser crashes).
    • Reset after 24 hours in the case of a long-running browser session.

...equal or more origins than the maximum:

  • The user is prompted
  • If the user clicks “Allow” or “Allow on any site” the request is resolved.
  • If the user clicks “Don’t Allow”, the storage access request is rejected and the requesting origin can re-request once it receives another user interaction.
  • If the user allows storage the requesting origin is given a persistent storage access grant on the current top-level origin.
  • The number of origins the requesting origin has storage access to is incremented by one.
  • The persistent storage access permission is:
    • Persisted to disk and will remain valid in future browser sessions.
    • Reset after 30 days.

When an ephemeral or persistent storage access grant expires, the number of origins the requesting origin has storage access to is decremented by one.

注意 : If the requesting origin is not classified as a tracking origin , the access request is automatically given an ephemeral storage access grant, which will go away when the page is reloaded. The user is never shown a prompt in this case, and calling requestStorageAccess() won’t have any side effects besides changing the value returned by Document.hasStorageAccess() .

调试

The storage access grant threshold may make it more difficult to test your website under the condition where Firefox prompts the user for access. To make testing easier, we have added two preferences in about:config that control prompting upon requestStorageAccess() 调用:

  • dom.storage_access.auto_grants can be set to false to disable the automatic granting of ephemeral storage access grants. All calls to requestStorageAccess() by origins classified as trackers will trigger a prompt.
  • dom.storage_access.max_concurrent_auto_grants controls the threshold number of storage access grants at which users will begin to receive prompts. For example, if you want to configure Firefox to automatically grant access on the first site where requestStorageAccess() is called and then prompt afterwards, you should adjust the value of the dom.storage_access.max_concurrent_auto_grants preference to 1.

句法 

var promise = document.requestStorageAccess();

参数

None.

返回值

A Promise that fulfills with undefined if the access to first-party storage was granted, and rejects if access was denied.

When the promise gets resolved, the resolve handler will run as if a user gesture is being processed, whether the promise was fulfilled or rejected:

  • In the former case, code can then start to call APIs that require user activation and things can move forward.
  • In the latter case, code can run to inform the user of why the request failed and what they can do to continue (for example asking them to log in, if that is a requirement).

范例 

document.requestStorageAccess().then(
  () => { console.log('access granted') },
  () => { console.log('access denied') }
);

规范

The API is currently only at the proposal stage — the standardization process has yet to begin. You can currently find specification details of the API at Apple's Introducing Storage Access API blog post, and the Storage Access API proposal in the Privacy CG .

浏览器兼容性

The compatibility table on this page is generated from structured data. If you'd like to contribute to the data, please check out https://github.com/mdn/browser-compat-data and send us a pull request. 更新 GitHub 上的兼容性数据
桌面 移动
Chrome Edge Firefox Internet Explorer Opera Safari Android webview Chrome for Android Firefox for Android Opera for Android Safari on iOS Samsung Internet
requestStorageAccess 非标 Chrome No Edge No Firefox 65 IE No Opera No Safari 11.1 WebView Android No Chrome Android No Firefox Android 65 Opera Android No Safari iOS 11.3 Samsung Internet Android No

图例

完整支持

完整支持

不支持

不支持

实验。期望将来行为有所改变。

实验。期望将来行为有所改变。

非标。预期跨浏览器支持较差。

非标。预期跨浏览器支持较差。

用户必须明确启用此特征。

用户必须明确启用此特征。

另请参阅

存储访问 API

元数据

  • 最后修改:
  1. Document
  2. 构造函数
    1. Document()
  3. 特性
    1. alinkColor
    2. all
    3. anchors
    4. applets
    5. bgColor
    6. body
    7. characterSet
    8. childElementCount
    9. children
    10. compatMode
    11. contentType
    12. currentScript
    13. defaultView
    14. designMode
    15. dir
    16. doctype
    17. documentElement
    18. documentURI
    19. documentURIObject
    20. domain
    21. domConfig
    22. 嵌入
    23. fgColor
    24. firstElementChild
    25. forms
    26. fullscreen
    27. fullscreenEnabled
    28. head
    29. height
    30. hidden
    31. 图像
    32. 实现
    33. lastElementChild
    34. lastModified
    35. lastStyleSheetSet
    36. linkColor
    37. 链接
    38. location
    39. mozSyntheticDocument
    40. onabort
    41. onafterscriptexecute
    42. onanimationcancel
    43. onanimationend
    44. onanimationiteration
    45. onauxclick
    46. onbeforescriptexecute
    47. onblur
    48. oncancel
    49. oncanplay
    50. oncanplaythrough
    51. onchange
    52. onclick
    53. onclose
    54. oncontextmenu
    55. oncuechange
    56. ondblclick
    57. ondurationchange
    58. onended
    59. onerror
    60. onfocus
    61. onformdata
    62. onfullscreenchange
    63. onfullscreenerror
    64. ongotpointercapture
    65. oninput
    66. oninvalid
    67. onkeydown
    68. onkeypress
    69. onkeyup
    70. onload
    71. onloadeddata
    72. onloadedmetadata
    73. onloadend
    74. onloadstart
    75. onlostpointercapture
    76. onmousedown
    77. onmouseenter
    78. onmouseleave
    79. onmousemove
    80. onmouseout
    81. onmouseover
    82. onmouseup
    83. onoffline
    84. ononline
    85. onpause
    86. onplay
    87. onplaying
    88. onpointercancel
    89. onpointerdown
    90. onpointerenter
    91. onpointerleave
    92. onpointermove
    93. onpointerout
    94. onpointerover
    95. onpointerup
    96. onreset
    97. onresize
    98. onscroll
    99. onselect
    100. onselectionchange
    101. onselectstart
    102. onsubmit
    103. ontouchcancel
    104. ontouchstart
    105. ontransitioncancel
    106. ontransitionend
    107. onvisibilitychange
    108. onwheel
    109. origin
    110. plugins
    111. popupNode
    112. preferredStyleSheetSet
    113. readyState
    114. referrer
    115. rootElement
    116. 脚本
    117. scrollingElement
    118. selectedStyleSheetSet
    119. styleSheetSets
    120. timeline
    121. title
    122. tooltipNode
    123. URL
    124. visibilityState
    125. vlinkColor
    126. width
    127. xmlEncoding
    128. xmlVersion
  4. 方法
    1. adoptNode()
    2. append()
    3. caretRangeFromPoint()
    4. clear()
    5. close()
    6. createAttribute()
    7. createCDATASection()
    8. createComment()
    9. createDocumentFragment()
    10. createElement()
    11. createElementNS()
    12. createEntityReference()
    13. createEvent()
    14. createExpression()
    15. createExpression()
    16. createNodeIterator()
    17. createNSResolver()
    18. createNSResolver()
    19. createProcessingInstruction()
    20. createRange()
    21. createTextNode()
    22. createTouch()
    23. createTouchList()
    24. createTreeWalker()
    25. enableStyleSheetsForSet()
    26. evaluate()
    27. evaluate()
    28. execCommand()
    29. exitFullscreen()
    30. exitPointerLock()
    31. getAnimations()
    32. getBoxObjectFor()
    33. getElementById()
    34. getElementsByClassName()
    35. getElementsByName()
    36. getElementsByTagName()
    37. getElementsByTagNameNS()
    38. hasFocus()
    39. hasStorageAccess()
    40. importNode()
    41. mozSetImageElement()
    42. open()
    43. prepend()
    44. queryCommandEnabled()
    45. queryCommandSupported()
    46. querySelector()
    47. querySelector()
    48. querySelectorAll()
    49. querySelectorAll()
    50. registerElement()
    51. releaseCapture()
    52. replaceChildren()
    53. requestStorageAccess()
    54. write()
    55. writeln()
  5. 事件
    1. animationcancel
    2. animationend
    3. animationiteration
    4. animationstart
    5. copy
    6. cut
    7. DOMContentLoaded
    8. drag
    9. dragend
    10. dragenter
    11. dragexit
    12. dragleave
    13. dragover
    14. dragstart
    15. drop
    16. fullscreenchange
    17. fullscreenerror
    18. gotpointercapture
    19. keydown
    20. keypress
    21. keyup
    22. lostpointercapture
    23. paste
    24. pointercancel
    25. pointerdown
    26. pointerenter
    27. pointerleave
    28. pointerlockchange
    29. pointerlockerror
    30. pointermove
    31. pointerout
    32. pointerover
    33. pointerup
    34. readystatechange
    35. scroll
    36. selectionchange
    37. selectstart
    38. touchcancel
    39. touchend
    40. touchmove
    41. touchstart
    42. transitioncancel
    43. transitionend
    44. transitionrun
    45. transitionstart
    46. visibilitychange
    47. wheel
  6. 继承:
    1. 节点
    2. EventTarget