With most recent Safari update, our page started having some of it's core functionality broken while users access it on Private mode due to Fingerprinting protection.
The issue is that the code that breaks is our first-party code and I want understand why it is breaking and how to properly fix it.
One thing we discovered was that a service of ours that uses the same code base doesn't have these issues and current assumption is that their page bundles are served on the same domain as the actual page request, while ours is coming from a different one.
The other assumption was that the domain which we use for serving the bundles of the page are set on the domain that is flagged as tracking domain.
Is there some documentation on how Safari decides which code is allowed reading user inputs and which isn't and what is the appropriate approach to fix this issue as it would be possible that these changes get release as default in the future?