Make fetch() use "same-origin" credentials by default |
||||||||
Issue descriptionSee https://github.com/whatwg/fetch/pull/585 for rationale and proposed Fetch Standard change. Please try to coordinate changing your implementation with others. It's unlikely to be disruptive, but still seems better if it all happens roughly at the same time.
,
Aug 29 2017
,
Aug 29 2017
,
Sep 14 2017
The conclusion is we'll be following the proposal. I.e. the new default will be the same-origin credentials mode. https://github.com/whatwg/fetch/pull/585#issuecomment-329058038
,
Sep 14 2017
,
Feb 26 2018
Reassigning to yhirano@. Need to check the progress of other browsers before taking the action. See https://github.com/whatwg/fetch/pull/585#issuecomment-325351254
,
Feb 26 2018
> Need to check the progress of other browsers before taking the action. FWIW, this has not been a priority in firefox so far. If we had update WPT tests, though, we could probably make the change relatively quickly. If you have a target release we could try to match.
,
Mar 6 2018
As mentioned in https://github.com/whatwg/fetch/pull/585#issuecomment-370943341, I'm happy to work on some WPTs for this as it seems to be a big blocker. Also I know this is assigned to yhirano@, however I'm more than happy to take it if he doesn't have the bandwidth!
,
Mar 26 2018
,
Mar 27 2018
,
Apr 30 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/5b7b98694d9a5bae9b7efeb0a4a34710c83b098b commit 5b7b98694d9a5bae9b7efeb0a4a34710c83b098b Author: Dominic Farolino <domfarolino@gmail.com> Date: Mon Apr 30 11:20:36 2018 Set fetch()'s default credentials mode to same-origin As per https://github.com/whatwg/fetch/pull/585, the fetch() API's default credentials mode should be set to same-origin in the Request constructor. I2s: https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/WOAtshyL2As R=yhirano@chromium.org, yoav@yoav.ws Bug: 759543 Change-Id: Id5cb8c747c41385edcc13775fdd18e1f27e7c3c9 Reviewed-on: https://chromium-review.googlesource.com/981512 Commit-Queue: Yoav Weiss <yoav@yoav.ws> Reviewed-by: Yoav Weiss <yoav@yoav.ws> Reviewed-by: Bernhard Bauer <bauerb@chromium.org> Cr-Commit-Position: refs/heads/master@{#554720} [modify] https://crrev.com/5b7b98694d9a5bae9b7efeb0a4a34710c83b098b/content/browser/browsing_data/clear_site_data_throttle_browsertest.cc [delete] https://crrev.com/bd588904caf43c922d2e17f18a30ded6530236d4/third_party/WebKit/LayoutTests/external/wpt/fetch/api/request/request-init-003.sub-expected.txt [delete] https://crrev.com/bd588904caf43c922d2e17f18a30ded6530236d4/third_party/WebKit/LayoutTests/external/wpt/fetch/api/request/request-structure-expected.txt [modify] https://crrev.com/5b7b98694d9a5bae9b7efeb0a4a34710c83b098b/third_party/WebKit/LayoutTests/http/tests/fetch/script-tests/request.js [modify] https://crrev.com/5b7b98694d9a5bae9b7efeb0a4a34710c83b098b/third_party/blink/renderer/core/fetch/request.cc
,
May 4 2018
|
||||||||
►
Sign in to add a comment |
||||||||
Comment 1 by tyoshino@chromium.org
, Aug 29 2017Status: Available (was: Unconfirmed)