From:  Anne van Kesteren <>
Date:  07 May 2017 14:07:38 Hong Kong Time

Credentials and connection pools


As I understand things we pick connections to reuse based on an origin and a credentials flag (set/unset). This got a little bit more complicated with HTTP/2 as it's not just an origin A, but also any other "origin" entries in A's certificate, but that's not what I'm after.

What I'd like to understand is the history behind using credentials as a key and what we can do to possibly change it. We now have some features that don't send credentials by default (even same-origin), such as