COEP:credentialless merged into the HTML and Fetch specification.

See PR:

• whatwg/html/pull/6638
• whatwg/fetch/pull/1229

Significant sections:

• HTML: (1) (2) (3) (4)
• Fetch: (1) (2) (3)

This document is not going to be actively maintained, please refer to HTML and FETCH as the source of truth for implementations.

Credentialless is a Cross-Origin-Embedder-Policy (COEP) variant. Similarly to require-corp, it can be used to enable cross-origin-isolation. Contrary to require-corp, it is easier to deploy, instead of requiring a Cross-Origin-Resource-Policy (CORP) header for every no-cors subresources, COEP:credentialless is requesting them without credentials.

• Explainer
• Specification
• Historical spec/explainer - /:\ Please use HTML and FETCH specification instead.
• Experimenting instructions