fetch() & script modules don't send credentials same-origin by default. Seen this catch loads of people out. We're thinking of changing it…
-
-
Yes, this would be my preferred solution...
-
@littlecalculist I think you had done some exploration on this? -
A little, yeah. I think it'd be a great outcome if modules are uncredentialed (as spec'ed) but can share SO connection w/ credentialed data.
-
Please avoid talking about origins for connections. Connections should be a function of IP address and TLS cert. Nothing else.
-
How would you like me to talk about the existing behavior of browsers, which segregates connection-sharing based on origin and credentials?
-
They don't. At least chrome doesn't. Connections are separated by A: IP B: TLS cert C: credentials C should go away.
-
I think you're shooting at an ally: I'm saying the credential segregation is causing problems. If it can go away totally, great!
-
Sorry, didn't mean to shoot at all. Just wanted to ensure we don't accidentally spec origin separation.
- 6 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.