diff --git a/source b/source
index 12c5dfaef0a..4a1efaaf0bc 100644
--- a/source
+++ b/source
@@ -2495,6 +2495,7 @@ a.setAttribute('href', 'https://example.com/'); // change the content attribute
      <li><dfn data-x="body safely extract" data-x-href="https://fetch.spec.whatwg.org/#bodyinit-safely-extract">safely extracting a body</dfn></li>
      <li><dfn data-x-href="https://fetch.spec.whatwg.org/#process-response-end-of-body">processResponseConsumeBody</dfn></li>
      <li><dfn data-x-href="https://fetch.spec.whatwg.org/#fetch-processresponseendofbody">processResponseEndOfBody</dfn></li>
+     <li><dfn data-x-href="https://fetch.spec.whatwg.org/#network-partition-keys">network-partition-keys</dfn></li>
      <li>
       <dfn data-x="concept-response"
       data-x-href="https://fetch.spec.whatwg.org/#concept-response">response</dfn> and its
@@ -30891,6 +30892,7 @@ href="?audio">audio&lt;/a> test instead.)&lt;/p></code></pre>
    <dd><code data-x="attr-dim-height">height</code></dd>
    <dd><code data-x="attr-iframe-referrerpolicy">referrerpolicy</code></dd>
    <dd><code data-x="attr-iframe-loading">loading</code></dd>
+   <dd><code data-x="attr-iframe-credentialless">credentialless</code></dd>
    <dt><span
    data-x="concept-element-accessibility-considerations">Accessibility considerations</span>:</dt>
    <dd><a href="https://w3c.github.io/html-aria/#el-iframe">For authors</a>.</dd>
@@ -30911,6 +30913,7 @@ interface <dfn interface>HTMLIFrameElement</dfn> : <span>HTMLElement</span> {
   [<span>CEReactions</span>] attribute DOMString <span data-x="dom-dim-height">height</span>;
   [<span>CEReactions</span>] attribute DOMString <span data-x="dom-iframe-referrerPolicy">referrerPolicy</span>;
   [<span>CEReactions</span>] attribute DOMString <span data-x="dom-iframe-loading">loading</span>;
+  attribute boolean <span data-x="dom-iframe-credentialless">credentialless</span>;
   readonly attribute <span>Document</span>? <span data-x="dom-iframe-contentDocument">contentDocument</span>;
   readonly attribute <span>WindowProxy</span>? <span data-x="dom-iframe-contentWindow">contentWindow</span>;
   <span>Document</span>? <span data-x="dom-media-getSVGDocument">getSVGDocument</span>();
@@ -31601,6 +31604,13 @@ interface <dfn interface>HTMLIFrameElement</dfn> : <span>HTMLElement</span> {
    <li><p>Invoke <var>resumptionSteps</var>.</p></li>
   </ol>
 
+  <hr> <!-- CREDENTIALLESS ATTRIBUTE -->
+
+  <p>The <dfn element-attr for="iframe"><code
+  data-x="attr-iframe-credentialless">credentialless</code></dfn>
+  attribute, enables loading documents hosted by the <code>iframe</code> with a new and ephemeral
+  storage partition. It is a boolean value. The default is false.</p>
+
   <hr> <!-- FALLBACK -->
 
   <p>Descendants of <code>iframe</code> elements represent nothing. (In legacy user agents that do
@@ -31619,9 +31629,10 @@ interface <dfn interface>HTMLIFrameElement</dfn> : <span>HTMLElement</span> {
   data-x="dom-iframe-src">src</code></dfn>, <dfn attribute for="HTMLIFrameElement"><code
   data-x="dom-iframe-srcdoc">srcdoc</code></dfn>, <dfn attribute for="HTMLIFrameElement"><code
   data-x="dom-iframe-name">name</code></dfn>, <dfn attribute for="HTMLIFrameElement"><code
-  data-x="dom-iframe-sandbox">sandbox</code></dfn>, and <dfn attribute for="HTMLIFrameElement"><code
-  data-x="dom-iframe-allow">allow</code></dfn> must <span>reflect</span> the respective content
-  attributes of the same name.</p>
+  data-x="dom-iframe-sandbox">sandbox</code></dfn>, <dfn attribute for="HTMLIFrameElement"><code
+  data-x="dom-iframe-allow">allow</code></dfn> , and <dfn attribute for="HTMLIFrameElement"><code
+  data-x="dom-iframe-credentialless">credentialless</code></dfn> , must <span>reflect</span> the
+  respective content attributes of the same name.</p>
 
   <p>The <span data-x="concept-supported-tokens">supported tokens</span> for <code
   data-x="dom-iframe-sandbox">sandbox</code>'s <code>DOMTokenList</code> are the allowed
@@ -80362,6 +80373,10 @@ popup4.close();</code></pre></div>
    <li><p>Let <var>sandboxFlags</var> be the result of <span>determining the creation sandboxing
    flags</span> given <var>browsingContext</var> and <var>embedder</var>.</p></li>
 
+   <li><p>Let <var>credentialless</var> be the result of determining the <span
+   data-x="initial-window-credentialless">initial window credentialless</span> flag, given
+   <var>browsingContext</var>.</p></li>
+
    <!--
     This step does not need to use |embedder|, because determining the origin only consults the
     container when the url argument is about:srcdoc. However, here we always pass about:blank.
@@ -80386,7 +80401,9 @@ popup4.close();</code></pre></div>
     realm</span> given <var>agent</var> and the following customizations:</p>
 
     <ul>
-     <li><p>For the global object, create a new <code>Window</code> object.</p></li>
+     <li><p>For the global object, create a new <code>Window</code> object, with <code
+     data-x="attr-iframe-credentialless">credentialless</code> set to
+     <var>credentialless</var>.</p></li>
 
      <li><p>For the global <b>this</b> binding, use <var>browsingContext</var>'s
      <code>WindowProxy</code> object.</li>
@@ -81761,6 +81778,7 @@ interface <dfn interface>Window</dfn> : <span>EventTarget</span> {
   attribute DOMString <span data-x="dom-window-status">status</span>;
   undefined <span data-x="dom-window-close">close</span>();
   readonly attribute boolean <span data-x="dom-window-closed">closed</span>;
+  readonly attribute boolean <span data-x="dom-window-credentialless">credentialless</span>;
   undefined <span data-x="dom-window-stop">stop</span>();
   undefined <span data-x="dom-window-focus">focus</span>();
   undefined <span data-x="dom-window-blur">blur</span>();
@@ -81960,6 +81978,10 @@ dictionary <dfn dictionary>WindowPostMessageOptions</dfn> : <span>StructuredSeri
 
    <li><p>If <var>noreferrer</var> is true, then set <var>noopener</var> to true.</p></li>
 
+   <li><p>If <span>entry global object</span>'s <span
+   data-x="dom-window-credentialless">credentialless</span> flag is true, then set
+   <var>noopener</var> to true.</p></li>
+
    <li>
     <p>Let <var>target browsing context</var> and <var>windowType</var> be the result of applying
     <span>the rules for choosing a browsing context</span> given <var>target</var>, <var>source
@@ -82696,8 +82718,8 @@ interface <dfn interface>BarProp</dfn> {
   <p>To <dfn>set up a window environment settings object</dfn>, given a <span>URL</span>
   <var>creationURL</var>, a <span>JavaScript execution context</span> <var>execution context</var>,
   null or an <span>environment</span> <var>reservedEnvironment</var>, a <span>URL</span>
-  <var>topLevelCreationURL</var>, and an <span>origin</span> <var>topLevelOrigin</var>, run these
-  steps:</p>
+  <var>topLevelCreationURL</var>, an <span>origin</span> <var>topLevelOrigin</var>, and an
+  identifier <var>partitionNonce</var> run these steps:</p>
 
   <ol>
    <li><p>Let <var>realm</var> be the value of <var>execution context</var>'s Realm
@@ -82812,8 +82834,9 @@ interface <dfn interface>BarProp</dfn> {
 
    <li><p>Set <var>settings object</var>'s <span data-x="concept-environment-creation-url">creation
    URL</span> to <var>creationURL</var>, <var>settings object</var>'s <span>top-level creation
-   URL</span> to <var>topLevelCreationURL</var>, and <var>settings object</var>'s <span>top-level
-   origin</span> to <var>topLevelOrigin</var>.</p></li>
+   URL</span> to <var>topLevelCreationURL</var>, <var>settings object</var>'s <span>top-level
+   origin</span> to <var>topLevelOrigin</var>, and <var>settings object</var>'s <span
+   for="environment">partition nonce</span> to <var>partitionNonce</var>.</p></li>
 
    <li><p>Set <var>realm</var>'s [[HostDefined]] field to <var>settings object</var>.</p></li>
   </ol>
@@ -84110,6 +84133,71 @@ interface <dfn interface>BarProp</dfn> {
 
 
 
+  <h3>Iframe credentialless</h3>
+
+  <p>Each <code>iframe</code> element has a mutable <code
+  data-x="attr-iframe-credentialless">credentialless</code> flag attribute.</p>
+
+  <p>Each <code>Window</code> has a constant <dfn attribute for="Window"
+  data-x="dom-window-credentialless"><code>credentialless</code></dfn> flag.</p>
+
+  <p>A <dfn>credentialless Window</dfn> is a <code>Window</code>, whose <code
+  data-x="dom-window-credentialless">credentialless</code> flag is true.</p>
+
+  <p>To compute the <dfn data-x="initial-window-credentialless">initial window credentialless
+  flag</dfn>, given a new <span data-x="concept-document-bc">browsing context</span> <var>browsing
+  context</var>:</p>
+  <ol class="brief">
+   <li><p>Set <var>embedder</var> be <var>browsing context</var>'s <span
+   data-x="bc-container">container</span>.</p>
+   <li><p>If <var>embedder</var> is not an element, return false.</p></li>
+   <li><p>Otherwise, set <var>parentWindow</var> be the <var>embedder</var>'s <span>node
+   document</span>'s <span>relevant global object</span>.</p></li>
+   <li><p>Return the union of:</p>
+    <ul class="brief">
+     <li><p><var>parentWindow</var>'s <code
+     data-x="dom-window-credentialless">credentialless</code></p></li>
+     <li><p><var>embedder</var>'s <span><code>iframe</code></span>'s <code
+     data-x="attr-iframe-credentialless">credentialless</code></p></li>
+    </ul>
+   </li>
+  </ol>
+
+  <p>To compute the <dfn data-x="navigation-credentialless">navigation's credentialless flag</dfn>,
+  given <span data-x="concept-document-bc">browsing context</span> <var>browsing
+  context</var>, follows the same steps as in the <span
+  data-x="initial-window-credentialless">initial window credentialless flag</span> algorithm.</p>
+
+  <p class="note">New <code>Window</code>'s <code data-x="dom-window-credentialless">credentialless</code>
+  flag is computed either from the <span data-x="initial-window-credentialless">initial window
+  credentialless flag</span> algorithm for new <span data-x="concept-document-bc">browsing
+  context</span>, or from the <span data-x="navigation-credentialless">navigation's credentialless
+  flag</span> algorithm, executed when the navigation started, for navigations inside pre-existing
+  <span data-x="concept-document-bc">browsing context</span>.</p>
+
+  <p class="note">Popup opened from <span>credentialless Window</span> are always with 'noopener'
+  set</p>
+
+  <p class="note">Top-level <span>credentialless Window</span> do not exist.</p>
+
+  <p>Each top-level <span>Window</span> has an associated <dfn export>page credentialless
+  nonce</dfn>. It is an immutable nonce ("number used once").</p>
+
+  <p class="XXX">The <span>page credentialless nonce</span> is meant to be used for
+  <span>credentialless Window</span> as a key in <span>network-partition-keys</span>,
+  storage-partition-keys, and cookie-partition-keys for <span>credentialless Window</span>. See <a
+  href="https://github.com/whatwg/fetch/issues/904">Network state partitionning</a>, <a
+  href="https://privacycg.github.io/storage-partitioning/">Client-Side Storage Partitioning</a>, and
+  <a href="https://github.com/WICG/CHIPS">CHIPS (Cookies Having Independant Partitioned
+  State</a>.</p>
+
+  <p><dfn>Autofill and iframe credentialless</dfn>: User agents sometimes have features for helping users
+  fill forms in: for example prefilling the user's address, password, or payment informations. User
+  agents must disable those features when the data is both specific to the user and to the website.
+  </p>
+
+
+
   <h3>Cross-origin opener policies</h3>
 
   <p>A <dfn>cross-origin opener policy value</dfn> allows a document which is navigated to in a
@@ -85482,7 +85570,8 @@ interface <dfn interface>BarProp</dfn> {
 
   <p>To <dfn>check a navigation response's adherence to its embedder policy</dfn> given a <span
   data-x="concept-response">response</span> <var>response</var>, a <span>browsing context</span>
-  <var>target</var>, and an <span>embedder policy</span> <var>responsePolicy</var>:</p>
+  <var>target</var>, an <span>embedder policy</span> <var>responsePolicy</var>, and a boolean
+  <var>credentialless</var>:</p>
 
   <ol>
    <li><p>If <var>target</var> is not a <span>child browsing context</span>, then return
@@ -85495,18 +85584,18 @@ interface <dfn interface>BarProp</dfn> {
 
    <li><p>If <var>parentPolicy</var>'s <span data-x="embedder-policy-report-only-value">report-only
    value</span> is <span>compatible with cross-origin isolation</span> and
-   <var>responsePolicy</var>'s <span data-x="embedder-policy-value">value</span> is not, then
-   <span>queue a cross-origin embedder policy inheritance violation</span> with <var>response</var>,
-   "<code data-x="">navigation</code>", <var>parentPolicy</var>'s <span
-   data-x="embedder-policy-report-only-reporting-endpoint">report only reporting endpoint</span>,
-   "<code data-x="">reporting</code>", and <var>target</var>'s <span
+   <var>responsePolicy</var>'s <span data-x="embedder-policy-value">value</span> is not, and
+   <var>credentialless</var> is false, then <span>queue a cross-origin embedder policy inheritance
+   violation</span> with <var>response</var>, "<code data-x="">navigation</code>",
+   <var>parentPolicy</var>'s <span data-x="embedder-policy-report-only-reporting-endpoint">report
+   only reporting endpoint</span>, "<code data-x="">reporting</code>", and <var>target</var>'s <span
    data-x="bc-container-document">container document</span>'s <span>relevant settings
    object</span>.</p></li>
 
    <li><p>If <var>parentPolicy</var>'s <span data-x="embedder-policy-value">value</span> is not
    <span>compatible with cross-origin isolation</span> or <var>responsePolicy</var>'s <span
    data-x="embedder-policy-value">value</span> is <span>compatible with cross-origin
-   isolation</span>, then return true.</p></li>
+   isolation</span>, or <var>credentialless</var> is true, then return true.</p></li>
 
    <li><p><span>Queue a cross-origin embedder policy inheritance violation</span> with
    <var>response</var>, "<code data-x="">navigation</code>", <var>parentPolicy</var>'s <span
@@ -87631,6 +87720,9 @@ interface <dfn interface>Location</dfn> { // but see also <a href="#the-location
    <dt><dfn data-x="navigation-params-sandboxing">final sandboxing flag set</dfn></dt>
    <dd>a <span>sandboxing flag set</span> to impose on the new <code>Document</code></dd>
 
+   <dt><dfn data-x="navigation-params-credentialless">credentialless</dfn></dt>
+   <dd>The credentialless flag to impose on the new <code>Window</code></dd>
+
    <dt><dfn data-x="navigation-params-coop">cross-origin opener policy</dfn></dt>
    <dd>a <span>cross-origin opener policy</span> to use for the new <code>Document</code></dd>
 
@@ -87883,6 +87975,10 @@ interface <dfn interface>Location</dfn> { // but see also <a href="#the-location
    flags</span> given <var>browsingContext</var> and <var>browsingContext</var>'s <span
    data-x="bc-container">container</span>.</p></li>
 
+   <li><p>Let <var>credentialless</var> be the result of computing the <span
+   data-x="navigation-credentialless">navigation's credentialless flag</span>, given
+   <var>browsingContext</var>.</p></li>
+
    <li><p>Let <var>allowedToDownload</var> be the result of running the <span>allowed to
    download</span> algorithm given the <span>source browsing context</span> and
    <var>browsingContext</var>.</p></li>
@@ -87953,8 +88049,9 @@ interface <dfn interface>Location</dfn> { // but see also <a href="#the-location
        data-x="navigation-params-policy-container">policy container</span> is
        <var>policyContainer</var>, <span data-x="navigation-params-sandboxing">final sandboxing
        flag set</span> is <var>finalSandboxFlags</var>, <span
-       data-x="navigation-params-coop">cross-origin opener policy</span> is <var>coop</var>, <span
-       data-x="navigation-params-coop-enforcement-result">COOP enforcement result</span> is
+       data-x="navigation-params-credentialless">credentialless</span> is <var>credentialless</var>,
+       <span data-x="navigation-params-coop">cross-origin opener policy</span> is <var>coop</var>,
+       <span data-x="navigation-params-coop-enforcement-result">COOP enforcement result</span> is
        <var>coopEnforcementResult</var>, <span
        data-x="navigation-params-reserved-environment">reserved environment</span> is null, <span
        data-x="navigation-params-browsing-context">browsing context</span> is
@@ -88010,8 +88107,10 @@ interface <dfn interface>Location</dfn> { // but see also <a href="#the-location
        data-x="navigation-params-policy-container">policy container</span> is
        <var>browsingContext</var>'s <span>active document</span>'s <span>policy container</span>,
        <span data-x="navigation-params-sandboxing">final sandboxing flag set</span> is
-       <var>finalSandboxFlags</var>, <span data-x="navigation-params-coop">cross-origin opener
-       policy</span> is <var>browsingContext</var>'s <span>active document</span>'s <span
+       <var>finalSandboxFlags</var>, <span
+       data-x="navigation-params-credentialless">credentialless</span> is <var>credentialless</var>,
+       <span data-x="navigation-params-coop">cross-origin opener policy</span>
+       is <var>browsingContext</var>'s <span>active document</span>'s <span
        data-x="concept-document-coop">cross-origin opener policy</span>, <span
        data-x="navigation-params-coop-enforcement-result">COOP enforcement result</span> is
        <var>coopEnforcementResult</var>, <span
@@ -88046,10 +88145,11 @@ interface <dfn interface>Location</dfn> { // but see also <a href="#the-location
 
      <dd><p>Run <span>process a navigate fetch</span> given <var>navigationId</var>,
      <var>resource</var>, the <span>source browsing context</span>, <var>browsingContext</var>,
-     <var>navigationType</var>, <var>sandboxFlags</var>, <var>historyPolicyContainer</var>,
-     <var>initiatorPolicyContainer</var>, <var>allowedToDownload</var>,
-     <var>hasTransientActivation</var>, <var>incumbentNavigationOrigin</var>,
-     <var>historyHandling</var>, and <var>unsafeNavigationStartTime</var>.</p></dd>
+     <var>navigationType</var>, <var>sandboxFlags</var>, <var>credentialless</var>,
+     <var>historyPolicyContainer</var>, <var>initiatorPolicyContainer</var>,
+     <var>allowedToDownload</var>, <var>hasTransientActivation</var>,
+     <var>incumbentNavigationOrigin</var>, <var>historyHandling</var>, and
+     <var>unsafeNavigationStartTime</var>.</p></dd>
 
      <dt>Otherwise, <var>resource</var> is a <span data-x="concept-request">request</span> whose
      <span data-x="concept-request-url">URL</span>'s <span data-x="concept-url-scheme">scheme</span>
@@ -88066,12 +88166,12 @@ interface <dfn interface>Location</dfn> { // but see also <a href="#the-location
   data-x="navigation-id">navigation id</span> <var>navigationId</var>, <span
   data-x="concept-request">request</span> <var>request</var>, two <span data-x="browsing
   context">browsing contexts</span> <var>sourceBrowsingContext</var> and <var>browsingContext</var>,
-  a string <var>navigationType</var>, a <span>sandboxing flag set</span> <var>sandboxFlags</var>,
-  two <span data-x="policy container">policy containers</span> <var>historyPolicyContainer</var> and
-  <var>initiatorPolicyContainer</var>, a boolean <var>allowedToDownload</var>, a boolean
-  <var>hasTransientActivation</var>, an <span>origin</span> <var>incumbentNavigationOrigin</var>,
-  a <span>history handling behavior</span> <var>historyHandling</var>, and a number
-  <var>unsafeNavigationStartTime</var>:</p>
+  a string <var>navigationType</var>, a <span>sandboxing flag set</span> <var>sandboxFlags</var>, a
+  boolean <var>credentialless</var>, two <span data-x="policy container">policy containers</span>
+  <var>historyPolicyContainer</var> and <var>initiatorPolicyContainer</var>, a boolean
+  <var>allowedToDownload</var>, a boolean <var>hasTransientActivation</var>, an <span>origin</span>
+  <var>incumbentNavigationOrigin</var>, a <span>history handling behavior</span>
+  <var>historyHandling</var>, and a number <var>unsafeNavigationStartTime</var>:</p>
 
   <ol>
    <li><p>Let <var>response</var> be null.</p></li>
@@ -88136,6 +88236,10 @@ interface <dfn interface>Location</dfn> { // but see also <a href="#the-location
 
    <li><p>Let <var>hasCrossOriginRedirects</var> be false.</p></li>
 
+   <li><p>If <var>credentialless</var> is true, let <var>partitionNonce</var> be
+   <var>browsingContext</var>'s <span>top-level browsing context</span>'s <span>page credentialless
+   nonce</span>, null otherwise.</p></li>
+
    <li>
     <p>While true:</p>
 
@@ -88200,8 +88304,9 @@ interface <dfn interface>Location</dfn> { // but see also <a href="#the-location
         data-x="concept-environment-target-browsing-context">target browsing context</span> is
         <var>browsingContext</var>, <span data-x="concept-environment-creation-url">creation
         URL</span> is <var>currentURL</var>, <span>top-level creation URL</span> is
-        <var>topLevelCreationURL</var>, and <span>top-level origin</span> is
-        <var>topLevelOrigin</var>.</p>
+        <var>topLevelCreationURL</var>, <span>top-level origin</span> is
+        <var>topLevelOrigin</var>, and <span for="environment">partition nonce</span> is
+        <var>partitionNonce</var>.</p>
 
         <p class="note">The created environment's <span
         data-x="concept-environment-active-service-worker">active service worker</span> is set in
@@ -88350,11 +88455,12 @@ interface <dfn interface>Location</dfn> { // but see also <a href="#the-location
    data-x="navigation-params-policy-container">policy container</span> is
    <var>resultPolicyContainer</var>, <span data-x="navigation-params-sandboxing">final sandboxing
    flag set</span> is <var>finalSandboxFlags</var>, <span
-   data-x="navigation-params-coop">cross-origin opener policy</span> is <var>responseCOOP</var>,
-   <span data-x="navigation-params-coop-enforcement-result">COOP enforcement result</span> is
-   <var>coopEnforcementResult</var>, <span data-x="navigation-params-reserved-environment">reserved
-   environment</span> is <var>request</var>'s <span
-   data-x="concept-request-reserved-client">reserved client</span>, <span
+   data-x="navigation-params-credentialless">credentialless</span> is <var>credentialless</var>,
+   <span data-x="navigation-params-coop">cross-origin opener policy</span> is
+   <var>responseCOOP</var>, <span data-x="navigation-params-coop-enforcement-result">COOP
+   enforcement result</span> is <var>coopEnforcementResult</var>, <span
+   data-x="navigation-params-reserved-environment">reserved environment</span> is
+   <var>request</var>'s <span data-x="concept-request-reserved-client">reserved client</span>, <span
    data-x="navigation-params-browsing-context">browsing context</span> is
    <var>browsingContext</var>, <span data-x="navigation-params-hh">history handling</span> is
    <var>historyHandling</var>,
@@ -88399,7 +88505,9 @@ interface <dfn interface>Location</dfn> { // but see also <a href="#the-location
     embedder policy">checking a navigation response's adherence to its embedder policy</span> given
     <var>response</var>, <var>browsingContext</var>, and <var>navigationParams</var>'s <span
     data-x="navigation-params-policy-container">policy container</span>'s <span
-    data-x="policy-container-embedder-policy">embedder policy</span> is false, then set
+    data-x="policy-container-embedder-policy">embedder policy</span> and
+    <var>navigationparams</var>'s <span
+    data-x="navigation-params-credentialless">credentialless</span> flag is false, then set
     <var>failure</var> to true.</p>
 
     <p>Otherwise, if the result of <span data-x="check a navigation response's adherence to
@@ -88765,7 +88873,10 @@ interface <dfn interface>Location</dfn> { // but see also <a href="#the-location
     data-x="hh-replace">replace</code>", and <var>browsingContext</var>'s <span>active
     document</span>'s <span data-x="concept-document-origin">origin</span> is <span>same
     origin-domain</span> with <var>navigationParams</var>'s <span
-    data-x="navigation-params-origin">origin</span>, then do nothing.</p>
+    data-x="navigation-params-origin">origin</span>, and <var>browsingContext</var>'s <span>active
+    window</span>'s <span data-x="dom-window-credentialless">credentialless</span> flag matches
+    <var>navigationParams</var>'s <span
+    data-x="navigation-params-credentialless">credentialless</span> flag, then do nothing.</p>
 
     <p class="note">This means that both the <span data-x="is initial about:blank">initial
     <code>about:blank</code></span> <code>Document</code>, and the new <code>Document</code> that is
@@ -88799,7 +88910,9 @@ interface <dfn interface>Location</dfn> { // but see also <a href="#the-location
       realm</span> given <var>agent</var> and the following customizations:</p>
 
       <ul>
-       <li><p>For the global object, create a new <code>Window</code> object.</p></li>
+       <li><p>For the global object, create a new <code>Window</code> object, with <code
+       data-x="attr-iframe-credentialless">credentialless</code> to <var>navigationParams</var>'s
+       <span data-x="navigation-params-credentialless">credentialless</span>.</p></li>
 
        <li><p>For the global <b>this</b> binding, use <var>browsingContext</var>'s
        <code>WindowProxy</code> object.</p></li>
@@ -88826,10 +88939,15 @@ interface <dfn interface>Location</dfn> { // but see also <a href="#the-location
       </ol>
      </li>
 
+     <li><p>If <var>navigationParams</var>'s <span
+     data-x="navigation-params-credentialless">credentialless</span> is true, let
+     <var>partitionNonce</var> be <var>browsingContext</var>'s <span>top-level browsing
+     context</span>'s <span>page credentialless nonce</span>, null otherwise.</p></li>
+
      <li><p><span>Set up a window environment settings object</span> with <var>creationURL</var>,
      <var>realm execution context</var>, <var>navigationParams</var>'s <span
      data-x="navigation-params-reserved-environment">reserved environment</span>,
-     <var>topLevelCreationURL</var>, and <var>topLevelOrigin</var>.</p></li>
+     <var>topLevelCreationURL</var>, <var>topLevelOrigin</var>, and <var>partitionNonce</var>.</p></li>
     </ol>
 
     <p class="note">This is the usual case, where the new <code>Document</code> we're about to
@@ -91145,6 +91263,10 @@ interface <dfn interface>BeforeUnloadEvent</dfn> : <span>Event</span> {
    for="environment">execution ready flag</dfn></dt>
    <dd><p>A flag that indicates whether the environment setup is done. It is initially
    unset.</p></dd>
+
+   <dt>A <dfn export for="environment">partition nonce</dfn></dt>
+   <dd><p>An identifier or null. This is used discriminate and isolate environments further. Among
+   others, it is non null for <span>credentialless Window</span></p></dd>
   </dl>
 
   <p>Specifications may define <dfn export>environment discarding steps</dfn> for environments. The
@@ -103251,6 +103373,9 @@ interface <dfn interface>SharedWorkerGlobalScope</dfn> : <span>WorkerGlobalScope
     Storage Partitioning</a> for the latest on properly defining this.</p>
    </li>
 
+   <li><p>Set <var>settings object</var>'s <span for="environment">partition nonce</span> to
+   <var>outside settings</var>'s <span for="environment">partition nonce</span>.</p></li>
+
    <li><p>Set <var>realm</var>'s [[HostDefined]] field to <var>settings object</var>.</p></li>
 
    <li><p>Return <var>settings object</var>.</p></li>
@@ -104397,6 +104522,8 @@ interface <dfn interface>WorkletGlobalScope</dfn> {};</code></pre>
    unique opaque string, <span data-x="concept-environment-creation-url">creation URL</span> to
    <var>inheritedAPIBaseURL</var>, <span>top-level creation URL</span> to null, <span>top-level
    origin</span> to <var>outsideSettings</var>'s <span>top-level origin</span>, <span
+   for="environment">partition nonce</span> to <var>outsideSettings</var>'s <span
+   for="environment">partition nonce</span>,<span
    data-x="concept-environment-target-browsing-context">target browsing context</span> to null, and
    <span data-x="concept-environment-active-service-worker">active service worker</span> to
    null.</p></li>
@@ -123905,6 +124032,12 @@ interface <dfn interface>External</dfn> {
           <code data-x="attr-input-alt">input</code>
      <td> Replacement text for use when images are not available
      <td> <a href="#attribute-text">Text</a>*
+    <tr>
+     <th> <code data-x="">credentialless</code>
+     <td> <code data-x="attr-iframe-credentialless">iframe</code>
+     <td> Whether the <code>iframe</code>'s contents to be loaded using a new ephemeral storage
+     partition.
+     <td> <span>Boolean attribute</span>
     <tr>
      <th> <code data-x="">as</code>
      <td> <code data-x="attr-link-as">link</code>