Currently, 6265bis only really talks about storing cookies that come from non-HTTP sources (e.g. document.cookie, CookieStore), but there is nothing in the spec about what cookies should be included in non-HTTP reads except that HttpOnly cookies should be ignored.

This lack of guidance has led to some disagreements between browsers about whether SameSite=AnythingButNone cookies should be accessible in cross-origin frames.

I am opening this issue to start a discussion about whether non-HTTP cookie access is in scope of 6265bis, and if so, what changes should be made to the spec.