[Spec] Integrate network revocation with credentialless iframes #191

@blu25

https://wicg.github.io/anonymous-iframe/#dom-window-credentialless

Credentialless iframes' partitions are determined by a page credentialless nonce, which is unique to each top-level window.

Steps to fix this:

  1. Extend our network revocation algorithm to revoke network access for the page credentialless nonce on top of the existing fenced frame partition nonce. This can be done simply by calling the new [=revoke network for a partition nonce=] algorithm on the relevant window's page credentialless nonce in the disableUntrustedNetwork() algorithm.
  2. The "must be blocked due to a revoked partition nonce" algorithm must then be invoked in the fetch patch to pass in both the fenced frame nonce and the credentialless iframe nonce, if one exists. Currently, neither nonce is being passed in.

It seems that the pieces we need are there and easily accessible, but the biggest lingering question is making sure the nonces are in place when checking whether a navigation should be blocked (in step 2).
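
A toy model of the two steps in the issue above, added here as an illustration; it is not spec text, browser code, or part of the original post. The `createUserAgent` and `demo` helpers, the request and frame object shapes, and the single set of revoked nonces are assumptions made for the sketch.

```javascript
// Toy model of the two proposed steps. Nonces are opaque unique values;
// Symbol() stands in for them. All object shapes here are assumptions.
function createUserAgent() {
  const revoked = new Set(); // assumed bookkeeping: revoked partition nonces

  // Models [=revoke network for a partition nonce=].
  function revokeNetworkForPartitionNonce(nonce) {
    if (nonce !== null) revoked.add(nonce);
  }

  // Models "must be blocked due to a revoked partition nonce",
  // given every nonce that applies to the request.
  function mustBeBlocked(nonces) {
    return nonces.some((n) => n !== null && revoked.has(n));
  }

  return {
    // Step 1: revoke the fenced frame partition nonce and, in addition,
    // the relevant window's page credentialless nonce.
    disableUntrustedNetwork(frame) {
      revokeNetworkForPartitionNonce(frame.partitionNonce);
      revokeNetworkForPartitionNonce(frame.window.pageCredentiallessNonce);
    },
    // Step 2: the fetch-time check receives both nonces; either may be null.
    fetchAllowed(request) {
      return !mustBeBlocked([request.fencedFrameNonce, request.credentiallessNonce]);
    },
  };
}

// Constructed scenario: a fenced frame containing a credentialless iframe,
// plus a request from an unrelated top-level window.
function demo() {
  const ua = createUserAgent();
  const frame = {
    partitionNonce: Symbol('fenced frame partition nonce'),
    window: { pageCredentiallessNonce: Symbol('page credentialless nonce') },
  };
  const nested = { fencedFrameNonce: null, credentiallessNonce: frame.window.pageCredentiallessNonce };
  const direct = { fencedFrameNonce: frame.partitionNonce, credentiallessNonce: null };
  const unrelated = { fencedFrameNonce: null, credentiallessNonce: Symbol('other window') };
  const before = ua.fetchAllowed(nested);
  ua.disableUntrustedNetwork(frame);
  return { before, nested: ua.fetchAllowed(nested), direct: ua.fetchAllowed(direct), unrelated: ua.fetchAllowed(unrelated) };
}

console.log(demo());
```

In this model, dropping the second call in `disableUntrustedNetwork` leaves `nested` allowed after revocation, which is the gap step 1 is meant to close.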
