@JuniorHsu I was looking at how HTML invokes fetch from its navigate algorithm to see if there was anything around origins we were overlooking thus far and found this:
> An element has a browsing context scope origin if its Document's browsing context is a top-level browsing context or if all of its Document's ancestor browsing contexts all have active documents whose origin are the same origin as the element's node document's origin. If an element has a browsing context scope origin, then its value is the origin of the element's node document.
I think the intent is that if there's a navigation from a frame that's cross-origin with one of its ancestors there's no origin, though the exact way this concept is currently used and worded makes it a no-op. I suspect this regressed when rewriting things to use the Fetch Standard.
We probably need to test what happens in such scenarios (a non-top-level frame that's cross-origin with one of its ancestors) with regards to the Origin header as that's the only thing a request's origin concept is used for when it comes to navigation if I remember correctly.
(I don't think making Origin follow Referrer Policy as discussed at whatwg/fetch#908 needs to block on this however.)
cc @zetafunction @yutakahirano
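The quoted definition, modeled as an added example (not part of the issue and not the HTML Standard's own text): a frame tree is represented as an array of constructed document URLs, top-level first, and the function names are hypothetical. It shows which nestings yield a browsing context scope origin and which do not, including the cross-origin-ancestor case the issue wants tested.

```javascript
// Serialized origin of a document URL; "null" means an opaque origin
// (for example a data: URL).
function serializedOrigin(url) {
  return new URL(url).origin;
}

// Tuple origins are same origin when scheme, host and port all match.
// An opaque origin is only same origin with itself; this model has no
// identity for opaque origins, so it never treats them as matching.
function sameOrigin(a, b) {
  return a !== "null" && a === b;
}

// chain: document URLs from the top-level browsing context down to the
// element's node document (last entry). Returns the scope origin, or
// undefined when the element has none under the quoted definition.
function browsingContextScopeOrigin(chain) {
  const origins = chain.map(serializedOrigin);
  const own = origins[origins.length - 1];
  const ancestors = origins.slice(0, -1);
  // A top-level document has no ancestors, so every() is vacuously true.
  return ancestors.every((a) => sameOrigin(a, own)) ? own : undefined;
}

// Constructed frame trees covering the cases discussed in the issue.
const SAMPLE_TREES = {
  topLevel: ["https://a.example/"],
  sameOriginChild: ["https://a.example/", "https://a.example/frame"],
  crossOriginChild: ["https://a.example/", "https://b.example/widget"],
  // A > B > A: the innermost frame matches the top level but is
  // cross-origin with its direct parent.
  sandwiched: ["https://a.example/", "https://b.example/", "https://a.example/inner"],
  schemeMismatch: ["http://a.example/", "https://a.example/"],
};

function classifySamples() {
  const result = {};
  for (const [name, chain] of Object.entries(SAMPLE_TREES)) {
    result[name] = browsingContextScopeOrigin(chain);
  }
  return result;
}

console.log(classifySamples());
```
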