Closed sysrqb closed 10 months ago
One known remaining/missing piece is integrating the permission policy into Fetch.
I suggest we add a sentence at the very end so we can merge this and address that later:
TODO: Permission Policy integration to enable this for cross-origin documents.
This is an explainer that describes how private tokens may be exposed in third-party contexts and integration into Fetch algorithms.