HTML <script> crossorigin attribute
Definition and Usage
crossorigin The attribute sets the request mode to HTTP CORS request.
Web pages often send requests to load resources on other servers. This is where CORS comes into play.
Cross-domain requests are requests for resources from another domain (such as stylesheets, iframes, images, fonts, or scripts).
CORS is used to manage cross-domain requests.
CORS stands for Cross-Origin Resource Sharing, which is a mechanism that allows resources on web pages to be requested from another domain outside of their own. It defines how browsers and servers interact to determine if cross-origin requests are safe. CORS allows servers to specify who can access resources on the server, as well as many other features.
Tip:In contrast to cross-origin requests, same-origin requests are. This means that the web page can only interact with other documents on the same server. This strategy enforces that documents that must interact with each other must have the same origin (domain).
Tip:See also integrity attribute.
Example
To link to the .js file on another server. Here we use both integrity and crossorigin attributes:
<script src="https://code.jquery.com/jquery-3.3.1.slim.min.js" integrity="sha384-q8i/X+965DzO0rT7abK41JStQIAqVgRVzpbzo5smXKp4YfRvH+8abtTE1Pi6jizo" crossorigin="anonymous" </script>
Gramatyka
<script crossorigin="anonymous|use-credentials">
Wartość atrybutu
| Wartość | Opis |
|---|---|
|
Definiowanie modelu żądań CORS:
|
Wsparcie przeglądarek
Liczby w tabeli wskazują na pierwszą wersję przeglądarki, która w pełni obsługuje tę właściwość.
| Chrome | Edge | Firefox | Safari | Opera |
|---|---|---|---|---|
| Chrome | Edge | Firefox | Safari | Opera |
| 30.0 | 18.0 | 13.0 | 13.0 | 12.1 |
