Tsuyoshi Horo

As far as I know, there is no way to load JS modules in a local Web Bundle file (unpkg.com.wbn) from a page in another Web Bundle file (example.com.wbn). The...

Sorry, I'm not familiar with EventSource. @yutakahirano knows more than me.

Filed chromium side bug. https://crbug.com/327941462 +CC: @jxck who is interested in this.

Here is the summary of current Chrome's implementation. **Can use a registered dictionary?** - `same-origin` mode request: - Same origin request can use the dictionary. - Cross origin request is...

Ah, yes. I agree that supporting redirected navigations is important. For partitioning, Chrome [is re-calculating](https://source.chromium.org/chromium/chromium/src/+/main:content/browser/loader/navigation_url_loader_impl.cc;l=1571;drc=05aa52f7cecbc3b6636ae7f2bab6be9e7503ad44) the isolation key when handling the redirected navigation request. So the dictionary [is correctly picked...

Ah, I may have misunderstood. @pmeenan Do you think it is ok not to support no-cors cross origin requests? Supporting no-cors requests is desirable for ease of deployment. But it...

How about same origin no-cors requests? For example, the request mode for `` is `no-cors`. Supporting no-cors same origin requests would make the browser logic more complex. It needs to...

In the Fetch spec, a request has an associated [response tainting](https://fetch.spec.whatwg.org/#concept-request-response-tainting) flag, which is "basic", "cors", or "opaque". This is initially "basic" for same-origin request. And it is [set to...

On second thought, I feel like clearing the dictionaries for `Clear-Site-Data: "cache"` may be enough. @pmeenan Do you have any thought about it? > I'd also assume that when users...

@pmeenan As discussed internally, it looks useful if there is a way to only clear the compression dictionaries without clearing HTTP caches and Cookies. So I created [a PR](https://github.com/w3c/webappsec-clear-site-data/pull/80) to...