Open npm1 opened 7 months ago
This PR aligns the spec with the Chrome implementation. But there is some feedback that we may need to change the implementation on https://github.com/w3c-fedid/FedCM/issues/587. We can either keep this PR pending the resolution of that or land it and possibly address the changes from that later.
Section 2 ("The Browser API") says that "unpartitioned cookies are included, as if the resource was loaded as a same-origin request, e.g. regardless of the SameSite value". That should probably be updated too?
Updated, ptal
This PR adds a mention to which cookies ought to be sent in the accounts fetch. Once cookie layering work is done, we can remove this note and properly specify it.
Relevant issue: https://github.com/fedidcg/FedCM/issues/609
Preview | Diff