http cookies browser samesite

What is top-level navigation in browser terminology and in what ways can it be triggered?


When reading about the SameSite attribute, I came across the term top-level navigation.

As I understood it, it's when a user has website1.com open in the browser and then clicks the link that navigates the browser to some other site, e.g. website2.com. But this is a loose definition.

So what exactly is top-level navigation in browser terminology? Is there some specification or RFC with a strict definition of this term?

Can it be triggered in ways other than clicking a link that leads to another website (i.e. having <a href="website2.com">website2.com</a> on website1.com)? What about if I just enter the website2.com URL directly in the browser's navigation bar, is that considered a top-level navigation?

Also, is top-level navigation important in other areas of browser/HTTP/security besides using it with cookies and the SameSite attribute?


Solution

  • Top-level navigation refers to navigation within a top-level traversable.
    Top-level traversables are independent browsing contexts that can directly contain top-level browsing contexts, such as:

    So basically, as Shehryar said, the address bar.
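
To make the link to SameSite concrete, here is an added example (not part of the original answer) that models when a cookie accompanies a request, using the question's two sites. The function names, the request object shape and the two-label "site" shortcut are assumptions made for illustration; browsers use the Public Suffix List to determine a site.

```javascript
// Added illustration, not browser source. Simplification: a "site" here is the
// scheme plus the last two host labels; real browsers use the Public Suffix List.
function siteOf(url) {
  const u = new URL(url);
  return u.protocol + "//" + u.hostname.split(".").slice(-2).join(".");
}

const SAFE_METHODS = new Set(["GET", "HEAD", "OPTIONS", "TRACE"]);

// Hypothetical request shape:
//   initiator: URL of the page that caused the request, or null when the user
//              typed the URL into the address bar or used a bookmark
//   target, method, topLevelNavigation (true when the top-level page itself changes)
function cookieIsSent(cookie, request) {
  const crossSite = request.initiator !== null &&
    siteOf(request.initiator) !== siteOf(request.target);
  if (!crossSite) return true; // same-site or user-initiated: no SameSite restriction
  switch (cookie.sameSite) {
    case "Strict": // never sent on a cross-site request
      return false;
    case "Lax": // cross-site only on a top-level navigation with a safe method
      return request.topLevelNavigation && SAFE_METHODS.has(request.method.toUpperCase());
    case "None": // SameSite=None is only accepted together with Secure
      return cookie.secure === true;
    default:
      throw new Error("unknown SameSite value: " + cookie.sameSite);
  }
}

// Constructed scenarios using the question's two sites.
const FROM = "https://website1.com/";
const TO = "https://website2.com/";
const SCENARIOS = {
  linkClick:  { initiator: FROM, target: TO, method: "GET",  topLevelNavigation: true },
  iframe:     { initiator: FROM, target: TO, method: "GET",  topLevelNavigation: false },
  formPost:   { initiator: FROM, target: TO, method: "POST", topLevelNavigation: true },
  addressBar: { initiator: null, target: TO, method: "GET",  topLevelNavigation: true },
};

// Returns { scenarioName: boolean } for a Secure cookie with the given SameSite value.
function evaluate(sameSite) {
  const cookie = { sameSite, secure: true };
  const out = {};
  for (const [name, req] of Object.entries(SCENARIOS)) out[name] = cookieIsSent(cookie, req);
  return out;
}
```

Calling `evaluate("Lax")` shows the case the question asks about: the link click and the address-bar entry carry the cookie, while the cross-site iframe load and the cross-site form POST do not.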