(In reply to Olli Pettay [:smaug][bugs@pettay.fi] from comment #4) > FWIW, the spec for session is very vague: > https://html.spec.whatwg.org/multipage/history.html#environment-browsing-session > > We don't switch processes in non-Fission case if one isn't using coop/coep. > Does the site use those and if so, does > browser.tabs.remote.useCrossOriginEmbedderPolicy = false > browser.tabs.remote.useCrossOriginOpenerPolicy = false > make any difference? I came across this issue with https://beta.character.ai this time, on mobile. When attempting to sign in/ sign up with Google auth, the sign in is not performed. Similarly, they save some data in the `sessionStorage` at the beginning of auth flow, but after redirect to a callback url (`https://beta.character.ai/?code=...&state=....` ) and retrieval there is no item with such key. When setting `browser.tabs.remote.useCrossOriginEmbedderPolicy` and `browser.tabs.remote.useCrossOriginOpenerPolicy` to `false`, it starts working. They have `cross-origin-opener-policy` set to `same-origin` set
Bug 1790666 Comment 6 Edit History
Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.
(In reply to Olli Pettay [:smaug][bugs@pettay.fi] from comment #4) > FWIW, the spec for session is very vague: > https://html.spec.whatwg.org/multipage/history.html#environment-browsing-session > > We don't switch processes in non-Fission case if one isn't using coop/coep. > Does the site use those and if so, does > browser.tabs.remote.useCrossOriginEmbedderPolicy = false > browser.tabs.remote.useCrossOriginOpenerPolicy = false > make any difference? I came across this issue with https://beta.character.ai this time, on mobile. When attempting to sign in/ sign up with Google auth, the sign in is not performed. Similarly, they save some data in the `sessionStorage` at the beginning of auth flow, but after redirect to a callback url (`https://beta.character.ai/?code=...&state=....` ) and retrieval there is no item with such key. When setting `browser.tabs.remote.useCrossOriginEmbedderPolicy` and `browser.tabs.remote.useCrossOriginOpenerPolicy` to `false`, it starts working. They have `cross-origin-opener-policy` set to `same-origin`.