Hi team,

I'm developing Ren'Py's official web port ( https://renpy.beuc.net/ ).

With iOS working better with WebAssembly, I get bug reports about the way itch.io embeds web games, using a web host with a different domain.

This triggers IDBFS (storage) errors when writing savegames:
IDBFactory.open() called an invalid security context
because AFAICT the browser considers this is akin to storing a 3rd-party cookie (itch.io -> *.hwcdn.net). This was already the case with Debian's Chromium (see Emscripten thread), which blocks 3rd-party cookies (and cross-domain IDBFS) by default, but now this happens on a major mainstream browser/platform.

Playing the game directly at *.hwcdn.net solves the issue.

What do you think about opening web games directly at the CDN for mobile users?

A little test case:

beuc.itch.io/the-question-web (iframe, error on save)
v6p9d9t4.ssl.hwcdn.net/html/2152259/index.html?v=1591301965 (no iframe, no error on save)

Hi, thank you everytime.

(As you know, )The error was happen at both link at playing second time on my iPhone.

And I realized that when I play no-iframe version, header and footer of browser make window narrow  so that it was difficult to read dialogue .

It is true to playing directly at the CDN bypasses all the fullscreen & orientation-locking wrapper.

Maybe this wrapper would need to be hosted at the CDN as well.

Or maybe the CDN could be exposed as a itch.io subdomain to solve the root issue.

I would love to see this issue addressed and fixed. As is, I wouldn’t want to make a web game available to users until this is fixed.

@itch.io staff: note that this isn't specific to RenPyWeb, this applies to all HTML5 games and storage methods.