The default credentials mode for module script requests is changing from "omit" to "same-origin", providing credentials to same-origin module script requests and their descendant scripts (static & dynamic imports). The current behavior can be surprising in that it's misaligned with other high-level features like the Fetch API, and in the web platform's current architecture, causes a second server connection. This is undesirable for developers looking to reduce latency.
Specification
Status in Chromium
Enabled by default (tracking bug) in:
- Chrome for desktop release 72
- Chrome for Android release 72
- Android WebView release 72
Consensus & Standardization
After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.
- Shipped/Shipping
- No signal
- No signal
- Positive
Owner
Last updated on 2020-11-09