Bug 171550

Summary: Same-origin module scripts should be requested with credentials if the crossorigin attribute is present
Product: WebKit Reporter: Jake Archibald <jaffathecake>
Component: DOMAssignee: Yusuke Suzuki <ysuzuki>
Status: RESOLVED DUPLICATE    
Severity: Normal CC: cdumez, dpaddock, fpizlo, ggaren, manian, rniwa, webkit-bug-importer, wilander, ysuzuki
Priority: P2 Keywords: InRadar
Version: Safari Technology Preview   
Hardware: Unspecified   
OS: Unspecified   
See Also: https://bugs.webkit.org/show_bug.cgi?id=171566

Description Jake Archibald 2017-05-02 06:57:33 PDT 
https://module-script-tests-zoelmqooyv.now.sh/cookie-page

Same-origin module scripts should be requested with credentials if the crossorigin attribute is present. The output of the above page should be:

No random number cookie found.
Random number cookie is: 0.30567383219441924
Random number cookie is: 0.30567383219441924

But in Safari it's:

No random number cookie found.
No random number cookie found.
Random number cookie is: 0.6591200076403063

(Obviously your random number will be different).
Comment 1 Radar WebKit Bug Importer 2018-02-21 13:08:56 PST 
<rdar://problem/37757892>
Comment 2 Yusuke Suzuki 2020-04-13 05:53:03 PDT 
Will fix with https://bugs.webkit.org/show_bug.cgi?id=210326, thanks!!!!
Comment 3 Yusuke Suzuki 2020-04-13 06:12:20 PDT 

*** This bug has been marked as a duplicate of bug 210326 ***