fetch() & script modules don't send credentials same-origin by default. Seen this catch loads of people out. We're thinking of changing it…
-
-
Replying to @jaffathecake
We should also consider making changes to the connection sharing rules for H2.
1 reply 0 retweets 1 like -
Replying to @wycats
https://github.com/whatwg/fetch/issues/341 … hoping we can make Origin A -> B use the same connection regardless of cookies. Origin C -> B may still be another.
2 replies 0 retweets 1 like -
Replying to @jaffathecake
Seems like we should be able to make A->A use a single connection whether credentialed or not.
1 reply 0 retweets 6 likes -
Replying to @wycats @jaffathecake
Yes, this would be my preferred solution...
1 reply 0 retweets 1 like -
Replying to @domenic @jaffathecake
@littlecalculist I think you had done some exploration on this?1 reply 0 retweets 0 likes -
A little, yeah. I think it'd be a great outcome if modules are uncredentialed (as spec'ed) but can share SO connection w/ credentialed data.
2 replies 0 retweets 1 like -
Replying to @littlecalculist @wycats and
Please avoid talking about origins for connections. Connections should be a function of IP address and TLS cert. Nothing else.
1 reply 0 retweets 0 likes -
Replying to @cramforce @wycats and
How would you like me to talk about the existing behavior of browsers, which segregates connection-sharing based on origin and credentials?
2 replies 0 retweets 0 likes -
Replying to @littlecalculist @wycats and
They don't. At least chrome doesn't. Connections are separated by A: IP B: TLS cert C: credentials C should go away.
2 replies 0 retweets 1 like
And credentials are associated with ...?
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.