Commit

Update hasCrossSiteAncestor.md
Update language to specify that `{hasCrossSiteAncestor: false}` and `{hasCrossSiteAncestor:true}` are invalid keys.
aselya authored Aug 16, 2024
1 parent 0d83efa commit 8328697
Showing 1 changed file with 5 additions and 1 deletion.
6 changes: 5 additions & 1 deletion proposals/hasCrossSiteAncestor.md
Expand Up @@ -11,7 +11,11 @@ The cross-site ancestor chain bit is a component of the cookie partition key tha
A third-party context occurs when the subresource the cookie is being set on has a cross-site frame ancestor.
Once a frame is considered to be in a third-party context, all requests within that frame and its child frames are also third-party and have a cross site ancestor. Similarly, once a request redirects to a cross-site URL, it is considered third-party (even if it is subsequently redirected back to a first-party request after, that subsequent first-party request is now considered an ABA request).

Unpartitioned cookies, which are indicated by a cookie not containing a `partitionKey`, the key not containing a `topLevelSite` or an empty `topLevelSite`, always have a `hasCrossSiteAncestor` value of `false`. Top-level documents may have partitioned cookies (topLevelSite non-empty, i.e. set to the site of the top-level document), but `hasCrossSiteAncestor` is always false for top-level contexts by [design](https://github.com/explainers-by-googlers/CHIPS-spec/blob/main/draft-cutler-httpbis-partitioned-cookies.md).
Unpartitioned cookies, indicated by a cookie not containing a `partitionKey` or an empty `topLevelSite`, always have a `hasCrossSiteAncestor` value of `false`. An unpartitioned cookie can also be indicated with an empty `partitionKey` which will not have a value for `hasCrossSiteAncestor`.

A `hasCrossSiteAncestor` value can only be validated if the `partitionKey` has a `topLevelSite`. Any `partitionKey` with no `topLevelSite` and a value for `hasCrossSiteAncestor` is considered invalid and will result in an error being thrown by the API.

Top-level documents may have partitioned cookies (topLevelSite non-empty, i.e. set to the site of the top-level document), but `hasCrossSiteAncestor` is always false for top-level contexts by [design](https://github.com/explainers-by-googlers/CHIPS-spec/blob/main/draft-cutler-httpbis-partitioned-cookies.md).

Note: In the table below, sites A1, A2 and A3 are all first-party to each other.
| Site frame tree |Site cookie is set on| hasCrossSiteAncestor value of cookie| Nodes that can't access the cookie|
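Review bot: The added paragraphs do not say whether an empty `topLevelSite` counts as "no `topLevelSite`". The first added sentence says a cookie with an empty `topLevelSite` always has a `hasCrossSiteAncestor` value of `false`, while the following paragraph says any `partitionKey` with no `topLevelSite` and a value for `hasCrossSiteAncestor` makes the API throw, so a reader cannot tell whether `{topLevelSite: "", hasCrossSiteAncestor: false}` is accepted or rejected. Suggest putting the two cases from the commit message (`{hasCrossSiteAncestor: false}` and `{hasCrossSiteAncestor: true}` are invalid) directly into the text, stating how an absent and an empty `topLevelSite` are each handled, and naming the error that is thrown. The same paragraph also says unpartitioned cookies "always have" a value of `false` and then that an empty `partitionKey` "will not have a value"; if the intent is that the value is omitted from the key but treated as `false`, say so explicitly. "Can only be validated" would also read more clearly as "is only valid" or "is only accepted", since the sentence that follows describes rejection rather than a validation step.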