Safari App Extension with ITP Support

Hey there,


We're working on our updated Safari Extension and have a version working that mimics the behavior of our legacy extension. This unfortunately still requires users to disable "Prevent cross-site tracking" (ITP) which we want to resolve ASAP.


Our extension injects an iframe into the current tab to show you a Composer hosted on our domain for sharing the current page on various Social Media networks. As far as I can tell it looks like the solution is to use the Storage Access API so our domains cookies are accessible in the current tab.


I wondered if anyone is able to confirm that and perhaps point me in the right direction in terms of how its implemented within a Safari extension? I tried a few different approaches with this API, each time being granted access but the page within the iframe still didn't correctly load my logged in session.


One other thought is to allow the user to authenticate within the wrapper Mac app, however I'm unsure how to securely pass the keychain item to the iframe.


Thanks so much,