Hi team,
I'm developing Ren'Py's official web port ( https://renpy.beuc.net/ ).
With iOS working better with WebAssembly, I get bug reports about the way itch.io embeds web games, using a web host with a different domain.
This triggers IDBFS (storage) errors when writing savegames:
IDBFactory.open() called an invalid security context
because AFAICT the browser considers this is akin to storing a 3rd-party cookie (itch.io -> *.hwcdn.net). This was already the case with Debian's Chromium (see Emscripten thread), which blocks 3rd-party cookies (and cross-domain IDBFS) by default, but now this happens on a major mainstream browser/platform.
Playing the game directly at *.hwcdn.net solves the issue.
What do you think about opening web games directly at the CDN for mobile users?