New feature request. Filling implementation bug, in order to land spec PR: - https://github.com/whatwg/html/pull/6638 - https://github.com/whatwg/fetch/pull/1229 Explainer: - https://github.com/WICG/credentiallessness Request for position: - Chrome: https://groups.google.com/a/chromium.org/g/blink-dev/c/Zr9n9_LG7s4/m/4y-b481hBAAJ - Wekit: https://lists.webkit.org/pipermail/webkit-dev/2021-June/031898.html - Firefox: https://github.com/mozilla/standards-positions/issues/539
This adds a lot of complexity and seems to have quite a few pre-requisites (Private Network Access, ORB, anonymous iframes). I am not convinced it is worth the effort at the moment.
Yes, that's totally understandable ;-) Note that anonymous iframe is not a prerequisite.
<rdar://problem/83355925>
From Firefox commit it does not seem like that much work. https://bugzilla.mozilla.org/show_bug.cgi?id=1731778 Neither Firefox nor Google had PAN (Personal Network Access) or ORB implemented but they shipped because this is something of tremendous value. As coep: required-corp is implemented today - its too restrictive and you lose many features like third party payment (say Stripe), or Zendesk Help plugins. So without credentialless: the choice is between SharedArayBuffer (SAB)/PTHREADS and core site functions. And SAB/PTHREADS loses - which is unfortunate. To me all the great work done on SAB/THREADS in Safari of not much help without credentialless.
Please note this does not just block SharedArraybuffer/Atotmics/Pthreads - even Origin Private Filesystem (OPFS) can not be used without this header (unless off-course you are happy with coep: required-corp). Not having OPFS especially is an obstacle (no offline SQLite etc. - you need unlimited amount of memory) Please consider this a priority. Thank you.