Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Local storage event listener not working in Firefox

  • 5 replies
  • 2 have this problem
  • 1 view
  • Last reply by sea1jxr

more options

I have a sandbox iframe which is hosted by various websites. Lets assume that this iframe is loaded like this: <script src="https://example.com/wie.js"></script> I have already added 'allow-scripts allow-forms allow-modals allow-same-origin allow-popups allow-popups-to-escape-sandbox allow-storage-access-by-user-activation' at sandbox. I also use document.requestStorageAccess() from inside the iframe and I set event listeners for the storage like this:

window.addEventListener('storage', onStorageFunc, false);. From the iframe a popup window is presented when user clicks a specific button and the popup opens at lets say at this url "https://paypal.com". After user navigation on popup, paypal at the end of the flow redirects user to this url "https://example.com/success". At this point when user is navigated to /success I add some data to local storage which I expect to trigger the storage event listener and the onStorageFunc to run. This doesn't happen, while in other browsers it works as expected.

Since both popup and iframe are under the same url (https://example.com) and I have used requestStorageAccess, I would expect this to work normally. Can you please help me to find out what is going wrong here? In the past I had the same problem but it was fixed when I added 'requestStorageAccess' and 'allow-storage-access-by-user-activation'. Now I can see it happening again.

I have a sandbox iframe which is hosted by various websites. Lets assume that this iframe is loaded like this: <script src="https://example.com/wie.js"></script> I have already added 'allow-scripts allow-forms allow-modals allow-same-origin allow-popups allow-popups-to-escape-sandbox allow-storage-access-by-user-activation' at sandbox. I also use document.requestStorageAccess() from inside the iframe and I set event listeners for the storage like this: window.addEventListener('storage', onStorageFunc, false);. From the iframe a popup window is presented when user clicks a specific button and the popup opens at lets say at this url "https://paypal.com". After user navigation on popup, paypal at the end of the flow redirects user to this url "https://example.com/success". At this point when user is navigated to /success I add some data to local storage which I expect to trigger the storage event listener and the onStorageFunc to run. This doesn't happen, while in other browsers it works as expected. Since both popup and iframe are under the same url (https://example.com) and I have used requestStorageAccess, I would expect this to work normally. Can you please help me to find out what is going wrong here? In the past I had the same problem but it was fixed when I added 'requestStorageAccess' and 'allow-storage-access-by-user-activation'. Now I can see it happening again.

Modified by wolfskinn

All Replies (5)

more options

Do you have any errors in the console log?

more options

error response (edited)

Modified by wolfskinn

more options

TyDraniu said

Do you have any errors in the console log?

Hi and thank you for your interest. There is only warning: Storage access automatically granted for origin “https://www.sandbox.paypal.com” on “null”. In previous Firefox version everything was working correctly. Also I noticed that if I have something in the localStorage of the iFrames url, when I open a popup from this sandboxed iFrame, even though it is opened at the same iFrames url, the localStorage of the popup is empty.

I also noticed in firefox release notes of their latest version that they mention: 'Firefox now permanently partitions Storage in third-party contexts independent of Storage Access to align with other browsers and provide better Web compatibility.' I don't know if this is the cause and if so, how I can overcome this...

Modified by wolfskinn

more options

wolfskinn said

Also I noticed that if I have something in the localStorage of the iFrames url, when I open a popup from this sandboxed iFrame, even though it is opened at the same iFrames url, the localStorage of the popup is empty.


I am experiencing the same issue. Looking for help.

Modified by sea1jxr

more options

I was able to recreate this in my dev environment with two simple web pages served with different host entry names from 127.0.0.1 where one is in an iframe of the other and also as a top level page. The iframe instance and top level instance don't share localStorage.

If I use the same host entry (authority) for all the pages the localStorage is shared. This broke recently, and still works properly in other browsers.