As requestStorageAccess in the Storage Access API is being switched to be frame-only, the former page-level behavior is now a gap. The ability to grant access for subresources in addition to iframes is likely important to preserve.

This proposal is to consider requestStorageAccessFor (name very much TBD) as a separate work item. It would work similarly to the old page-level requestStorageAccess behavior, but access would be requested by the top-level site on behalf of embedded origins. This both unlocks the old page-level behavior and ensures that the top-level site, which controls subresource loading, has control. This would require elevated trust to prevent abuse and potential security issues.

Note that requestStorageAccessFor was previously proposed as part of the Storage Access API, but the aforementioned frame-only behavior means that the new API should probably be a separate entity.

More context can be found in the old proposal under SAA or in the explainer.

@bvandersloot-mozilla @johannhof