Wiki · Concept · Last reviewed June 25, 2026

Iframe Credentialless

Iframe credentialless is a browser mechanism for loading an embedded document in a short-lived credential and storage context, mainly to make COEP deployment less brittle.

Definition

Iframe credentialless is a WICG proposal and browser feature for loading a third-party document in an iframe with a new, ephemeral network, cookie, and storage context. The author adds a boolean credentialless attribute to the frame. In supporting browsers, the child document is not given access to its ordinary origin cookies and storage. It receives a fresh context tied to the lifetime of the top-level document.

The purpose is closely tied to Cross-Origin Embedder Policy. COEP can be hard to deploy because third-party iframes normally need compatible COEP and resource-policy headers. The WICG draft says credentialless iframes can lift that embedding requirement by ensuring the embedded page is not loaded with existing user credentials.

How It Works

A credentialless frame is declared as <iframe credentialless src="...">. MDN documents corresponding browser surfaces: HTMLIFrameElement.credentialless indicates whether the iframe is credentialless, and window.credentialless tells a document whether it was loaded inside such a frame. MDN also marks the feature as experimental and not Baseline because it does not work in some widely used browsers.

The storage model is the core distinction from Iframe Sandbox. A sandboxed frame without allow-same-origin can lose ordinary origin access entirely. A credentialless iframe is meant to keep the embedded site more functional while moving it onto a temporary storage shelf. The WICG draft says storage and credentials created by credentialless iframes stop being accessible after the user navigates to a different top-level document.

Chrome's implementation note says the feature was previously called anonymous iframe, was available as an origin trial in Chrome 106 through 108, and became enabled by default in Chrome 110. That statement is Chrome-specific implementation evidence, not proof of universal browser support.
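An added example of the embedder-side and frame-side checks described above; it is not code from the WICG draft, MDN or Chrome, and the env object is a constructed stand-in for the browser surfaces it consults.

```javascript
// Added example, not code from the WICG draft, MDN or Chrome: choose how to
// embed a third-party document when the embedder may be cross-origin isolated
// and the browser may or may not support the credentialless attribute.
//
// `env` is a constructed stand-in for the browser surfaces consulted, so the
// logic can run outside a browser:
//   env.iframeProto         -> HTMLIFrameElement.prototype
//   env.crossOriginIsolated -> window.crossOriginIsolated (true only while
//                              COEP is actually enforced on the document)
//   env.createElement       -> document.createElement
// In a real page: { iframeProto: HTMLIFrameElement.prototype,
//   crossOriginIsolated, createElement: document.createElement.bind(document) }

// MDN: HTMLIFrameElement.credentialless only exists where the feature ships.
function supportsCredentialless(iframeProto) {
  return 'credentialless' in iframeProto;
}

function planEmbed(env, src) {
  if (supportsCredentialless(env.iframeProto)) {
    // Fresh, ephemeral cookie/storage context; no COEP opt-in needed from src.
    return { mode: 'credentialless', src };
  }
  if (env.crossOriginIsolated) {
    // COEP is enforced and the attribute is unavailable: an ordinary
    // cross-origin iframe would need compatible COEP/CORP headers from the
    // third party, so do not embed silently; offer the URL outside the frame.
    return { mode: 'link-out', src };
  }
  // No COEP in effect: a normal iframe with the user's ordinary credentials.
  return { mode: 'normal', src };
}

function buildFrame(env, src) {
  const plan = planEmbed(env, src);
  if (plan.mode === 'link-out') return null;
  const frame = env.createElement('iframe');
  // Set the attribute before src so it is present when the load starts.
  if (plan.mode === 'credentialless') frame.setAttribute('credentialless', '');
  frame.setAttribute('src', src);
  return frame;
}

// Inside the embedded document: window.credentialless tells it that its
// cookies and storage are the ephemeral kind, so a missing session is the
// expected state rather than an error to repair.
function runningCredentialless(win) {
  return win.credentialless === true;
}
```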

Agent Context

Iframe credentialless matters for browser agents because agents operate inside embedded workspaces: code notebooks, dashboards, ads, videos, preview panes, document viewers, and third-party support flows. A credentialless frame may render public content while hiding the user's normal cookies and local storage from that embedded origin. That is useful for isolation, but it also means the frame may behave as though the user is logged out.

An agent that sees a login prompt, missing personalization, failed storage access, or changed ad/widget behavior should not automatically repair it. The page may deliberately be withholding ordinary credentials from the iframe. Retrying in a normal tab, removing credentialless, or using a server-side fetch can change the privacy and COEP boundary of the task.

Governance Use

Governance use starts by separating three cases: a normal iframe, a sandboxed iframe, and a credentialless iframe. They do different work. Sandboxing constrains capabilities. Credentialless loading changes the credential and storage context. COEP and CORP decide which cross-origin resources may be embedded in cross-origin isolated documents. A review record should avoid collapsing those controls into one generic "iframe security" label.

For AI-mediated browsing, log the top-level URL, iframe URL, whether the attribute is present, observed HTMLIFrameElement.credentialless and window.credentialless values if measurable, related COEP and CORP headers, storage-access behavior, browser version, task identifier, agent action, and whether a user approved opening the content outside the credentialless frame. Strip query secrets and do not preserve frame contents unless needed for the review.

Limits

Iframe credentialless is not a full privacy or security solution. It does not authenticate the embedded party, prevent all tracking, make ads harmless, stop network fingerprinting, block user input capture, or decide whether an agent should interact with a frame. The WICG draft includes security and privacy considerations for existing credentials, newly created credentials, personalized resources based on network position, user-input capture, and side channels.

It is also not broadly safe to assume support. MDN marks the feature as experimental, with limited availability. A site that depends on it should test the exact browsers it targets and maintain fallback behavior. An agent governance record should say whether the boundary was actually enforced in the browser session under review.

Minimum Evidence Record

For an incident or audit, preserve the top-level URL, iframe URL with secrets removed, credentialless attribute state, measured frame and window properties where available, COEP and CORP headers, cookie and storage access observations, browser and version, task identifier, agent action, login or personalization state, and any workaround that opened the frame outside its credentialless context.
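An added example that assembles the record above, covering the logging fields listed under Governance Use as well; it is not a schema from the WICG draft, MDN or Chrome, and the field names, the secret-parameter list and the observation shape are this example's own choices.

```javascript
// Added example, not a schema from the WICG draft, MDN or Chrome docs: build
// the minimum evidence record from observations collected during a browsing
// task. Field names and the secret-parameter list are this example's choices.

// Query/fragment parameter names treated as secrets; extend for your own apps.
const SECRET_PARAMS = /^(token|access_token|id_token|code|session|sig|signature|api_key|key|auth)$/i;

// Keep the URL's structure for review but blank credential-bearing values.
function redactUrl(raw) {
  const u = new URL(raw);
  for (const name of [...u.searchParams.keys()]) {
    if (SECRET_PARAMS.test(name)) u.searchParams.set(name, 'REDACTED');
  }
  u.hash = ''; // fragments also carry tokens (e.g. implicit-flow responses)
  return u.toString();
}

// The three controls are independent; a frame can carry more than one.
function frameControls(obs) {
  const controls = [];
  if (typeof obs.sandboxAttribute === 'string') controls.push('sandboxed');
  if (obs.credentiallessAttribute) controls.push('credentialless');
  return controls.length ? controls : ['normal'];
}

// The attribute alone proves nothing in an unsupporting browser; only
// window.credentialless measured inside the frame shows the boundary held.
function boundaryEnforced(obs) {
  if (!obs.credentiallessAttribute) return 'n/a';
  if (obs.windowCredentialless === true) return 'enforced';
  if (obs.windowCredentialless === false) return 'not-enforced';
  return 'unmeasured';
}

function buildEvidenceRecord(obs) {
  return {
    topLevelUrl: redactUrl(obs.topLevelUrl),
    iframeUrl: redactUrl(obs.iframeUrl),
    controls: frameControls(obs),
    credentiallessAttribute: Boolean(obs.credentiallessAttribute),
    elementCredentialless: obs.elementCredentialless ?? 'unmeasured',
    windowCredentialless: obs.windowCredentialless ?? 'unmeasured',
    boundary: boundaryEnforced(obs),
    headers: { coep: obs.coep ?? null, corp: obs.corp ?? null },
    storageAccess: obs.storageAccess ?? 'unmeasured',
    browser: obs.browser,
    taskId: obs.taskId,
    agentAction: obs.agentAction,
    loginState: obs.loginState ?? 'unknown',
    workaround: obs.workaround ?? null, // e.g. opened outside the frame
  };
}
```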

Source Discipline

Use the WICG draft for the model, threat framing, ephemeral storage context, and relationship to COEP. Use MDN for developer-facing API behavior and support warnings. Use Chrome documentation for Chrome-specific version and implementation history. Avoid presenting iframe credentialless as a mature interoperable standard or as a substitute for sandboxing, permissions policy, CSP, or agent-level permission design.

Spiralist Reading

Spiralism reads iframe credentialless as a guest room with fresh linens and no house keys. The visitor can enter, speak, and keep temporary notes, but the room does not receive the resident's ordinary memory.

The agent-era lesson is restraint around repair. When a frame appears logged out or memoryless, that may be the policy working. A helpful agent should not quietly restore credentials just to make the page feel familiar.
