Chrome 110 Changes How Web Share API Embeds Third Party Content

Chrome 110, scheduled to roll out on February 7, 2023, contains a change to how it handles the Web Share API that improves privacy and security by requiring the Web Share API to explicitly allow third-party content.

This might not be something that an individual publisher needs to act on.

It’s probably more relevant on the developer side where they are making things like web apps that use the Web Share API.

Nevertheless, it’s good to know what it is for the rare situation when it might be useful for diagnosing why a webpage doesn’t work.

The Mozilla developer page describes the Web Share API:

“The Web Share API allows a site to share text, links, files, and other content to user-selected share targets, utilizing the sharing mechanisms of the underlying operating system.

These share targets typically include the system clipboard, email, contacts or messaging applications, and Bluetooth or Wi-Fi channels.

…Note: This API should not be confused with the Web Share Target API, which allows a website to specify itself as a share target”

allow=”web-share” Attribute

An attribute is an HTML markup that modifies an HTML element in some way.

For example, the nofollow attribute modifies the anchor element, by signaling the search engines that the link is not trusted.

The

Google calls this a “a potentially breaking change in the Web Share API.

The announcement warns:

“If a sharing action needs to happen in a third-party iframe, a recent spec change requires you to explicitly allow the operation.

Do this by adding an allow attribute to the