Anonymous iframe: credentials attribute #20
Comments
|
Explainer updated from: <iframe credentials=omit>toward <iframe anonymous>in PR: So we can close this, I guess, once it is merged. |
|
@camillelamy: can we close this? |
|
Done. |
This was referenced Jun 3, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What is the semantic of the
credentialsattribute?credentials=omitvscredentials=presentdoesn't look good because of inconsistency (omitis a verb, whilepresentis an adjective). In case, I'd suggest havingcredentials=useinstead.However, I am a bit unhappy with
credentials=omitsince this is misleading. Credentials are partitioned, not omitted. Moreover, I don't see the point of having a non-boolean attribute for something that can only be set and not unset (credentials=use- if we go with it - has no point of existing, apart from giving a value to be returned by the getter, since a subframe of an anonymous iframe is always anonymous and this cannot be overwritten).I would reconsider having a boolean attribute instead, something like
<iframe anonymous>or<iframe partitioned>or<iframe isolated>or<iframe partitioned-storage>or<iframe clean-credentials>(I fear none of these is a particularly good choice though).The text was updated successfully, but these errors were encountered: