Double-check Storage Access API for disk leaks and 3rd party cookie blocking adherence
The Storage Access API is a means to prevent trackers across origins yet to not break authentication flows and other benign 3rd party identifier usage.
We should make sure it's not using the disk in our default Tor Browser mode.
Moreover, we disable third-party cookies outright, mainly because we have not looked at the first-party isolation yet (legacy/trac#21905 (moved)), and we should make sure this is not bypassed in non-private-browsing-mode contexts.
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information