Web platform features explorer - Credentialless iframes

Web platform features explorer

Tags: api html Groups: Security

The credentialless attribute for the <iframe> HTML element loads third-party content in an ephemeral context and does not send any credentials such as cookies. When using cross-origin isolation, this allows you to embed content that does not send Cross-Origin-Embedder-Policy headers.

Learn more

IFrame credentialless

Specifications

Iframe credentialless, from Web Platform Incubator Community Group (W3C).

Browser support

Chrome 110 Released on 2023-02-07
Chrome Android 110 Released on 2023-02-07
Edge 110 Released on 2023-02-09
Firefox ❌ Vendor position (concerns: venue)
Firefox for Android ❌ Vendor position (concerns: venue)
Safari ❌
Safari on iOS ❌

Usage (according to Chrome Platform Status)

~0.012% of page loads. More data at chromestatus.

View as JSON | Edit this feature | Report an issue | Web-features entry: source, dist