Hugging Face’s Transformers.js experiments with proposed Cross-Origin Storage API to reduce redundant model downloads

Hugging Face’s Transformers.js enables web developers to run AI pipelines directly in the browser, automatically downloading and caching model resources and WebAssembly runtimes on first use. However, because browsers isolate caches by origin, revisiting the same app on a different origin triggers redundant downloads even when the files are byte-for-byte identical.

In a demonstration, Hugging Face showed that visiting a second origin serving the same automatic speech recognition model (Xenova/whisper-tiny.en) resulted in an additional 177 MB of duplicate downloads and storage. Similarly, a shared WebAssembly runtime file used across multiple models added another 4.7 MB of redundant downloads per origin.

The root cause is browser cache isolation enforced via a Network Isolation Key that combines the top-level and current-frame sites, preventing cache hits even when the resource URLs are identical. This behavior, while improving security and privacy, creates inefficiency for popular AI models reused across many websites.

To address this, the proposed Cross-Origin Storage (COS) API introduces a navigator.crossOriginStorage interface that stores and retrieves large files across origins using cryptographic hashes rather than URLs or origins. This would allow browsers to recognize identical files regardless of the site they come from, reducing redundant downloads and storage.

Hugging Face notes the COS API is an early-stage proposal without native browser implementation, but developers can experiment now using a browser extension that injects a polyfill for navigator.crossOriginStorage.