Clarifying SecurityError in StorageManager.getDirectory #39859
Thanks for your PR. I had a couple of questions about some of the cases you have listed.
Also, do you have any references from the specification about when these errors are expected to be raised?
- : Thrown if the user agent is not able to map the requested directory to the local OPFS, due to factors such as: | ||
- **Storage or memory constraints** that prevent OPFS allocation. | ||
- **Security policies**, including restrictions in non-secure contexts (e.g., non-HTTPS sessions). | ||
- **Private browsing mode**, where OPFS access is commonly restricted by browsers to prevent persistent data storage. |
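Review bot: the private browsing bullet presents the restriction as general browser behaviour, but the testing reported in this thread shows Chrome and Edge allow OPFS writes in that mode while Firefox throws; qualify it (for example "in some browsers, such as Firefox") or carry it as a note in the browser compatibility table instead. The non-HTTPS bullet restates the secure-context requirement already documented at the top of the OPFS page and can be dropped.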
Does this mean that the API doesn't work in private browsing mode? Our documentation on storage quotas and persistence (https://developer.mozilla.org/en-US/docs/Web/API/Storage_API/Storage_quotas_and_eviction_criteria#private_browsing) says that in PB mode data is not persisted after the session ends, but not that the API is itself disabled. Do you have a test case where we can try this out?
My test case was found during my experiments with SQLite3 WASM, https://gitlab.com/mpsuzuki/test-sqlite3-wasm. I will update this repository by this weekend to add local HTTPS servers for testing.
In my experiment, the Private Browsing mode on Google Chrome and Microsoft Edge allows the clients to write something to OPFS. On the other hand, the Private Browsing mode on Firefox and Apple Safari disallows the clients from writing anything to OPFS.
It looks to me like, yes, Firefox throws when you call this method in PB mode. But in Safari, it looks like navigator.storage is just unavailable:
So I'm not seeing this (from https://gitlab.com/mpsuzuki/test-sqlite3-wasm#known-limitations):
For example, in the Private Browsing mode, ...Apple Safari returns "Unhandled Promise Rejection: UnknownError: The operation failed for an unknown transient reason (e.g. out of memory)".
Ideally we document browser-specific behavior in the browser compatibility table, so we could have a note attached to the Firefox entry for getDirectory saying something like "Throws a SecurityError in private browsing mode".
Listing the failures & errors in each browser is ideal, I fully agree, but I'm afraid it is too version-specific and the maintenance can be a heavy task.
For example, my Safari 18.5 running on Ventura (macOS 13.7.6) shows the errors like below for my test case. The screenshot was taken in a Japanese language environment (I'm sorry); "プライベート" means "private", "バージョン" means "version". navigator.storage is available under the Private Browsing mode. Which version of Safari are you using?
I've just updated my testkit test-sqlite3-wasm; HTTPS & HTTP servers are added.
@wbamberg, could you please tell me about the tasks still unresolved on my side?
The requirement of the SSL session is already documented at the beginning of the OPFS documentation, so there is no need to repeat it. Suggested by wbamberg@github.
Co-authored-by: wbamberg <will@bootbonnet.ca>
👍 thank you!
Thank you!
Description
Add concrete examples of the error in the OPFS getDirectory() method, at StorageManager.getDirectory#Exceptions.
Motivation
Currently, the documentation states:
I propose adding concrete scenarios that cause this exception, as the lack of detail may lead to confusion for developers implementing OPFS-based storage, like:
Additional details
SQLite developers have specifically highlighted OPFS limitations in Incognito and Guest modes in their documentation: Achtung: Restrictions in Incognito and Guest Browsing Modes.
In real-world tests, both Firefox and Safari threw a SecurityError when calling getDirectory() inside Private Browsing mode:
Firefox 128.11.0 error: "Security error when calling GetDirectory"
Safari 17.6 error: "UnknownError: The operation failed for an unknown transient reason (e.g. out of memory)"
While browsers intentionally obscure Private Browsing detection, a small note in MDN can help developers anticipate storage failures in such contexts without directly exposing detection mechanisms.
Would it be possible to add a small clarification about these known limitations to better support developers encountering this issue?
Related issues and pull requests
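As an added example, not code from this PR or from MDN: a caller that opens the OPFS root with getDirectory() and falls back to in-memory storage when the user agent refuses, classifying the rejections named in this thread (SecurityError from Firefox in Private Browsing or a non-secure context, Safari's UnknownError, or navigator.storage being absent). The names openStorageRoot, classifyOpfsError and memoryRoot are my own, and `storage` is injected (normally navigator.storage) so the code can be exercised outside a browser.

```javascript
// Added example (not from the PR or MDN): degrade gracefully when the user
// agent will not hand out an OPFS root directory.

// Map a rejection from getDirectory() to a stable reason string for the caller.
// The error names are the ones reported in this PR thread.
function classifyOpfsError(err) {
  switch (err && err.name) {
    case "SecurityError":
      // UA cannot map the request to local OPFS storage, e.g. a non-secure
      // context or Firefox in Private Browsing mode.
      return "security";
    case "UnknownError":
      // Safari: "The operation failed for an unknown transient reason".
      return "unknown";
    default:
      return "other";
  }
}

// Minimal in-memory stand-in used when OPFS is unavailable (constructed).
function memoryRoot() {
  return { kind: "memory", files: new Map() };
}

// `storage` is injected (normally navigator.storage) so this runs outside a
// browser; `fallback()` builds the substitute root. Returns which backend the
// caller actually got and why, so the app can warn that data will not persist.
async function openStorageRoot(storage, fallback) {
  if (!storage || typeof storage.getDirectory !== "function") {
    // navigator.storage missing entirely (seen on some Safari configurations).
    return { root: fallback(), mode: "memory", reason: "unsupported" };
  }
  try {
    const root = await storage.getDirectory();
    return { root, mode: "opfs", reason: null };
  } catch (err) {
    return { root: fallback(), mode: "memory", reason: classifyOpfsError(err) };
  }
}
```

In a browser, call `openStorageRoot(navigator.storage, memoryRoot)` and treat any `mode: "memory"` result as non-persistent storage.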