: When should I use the “crossorigin” attribute on a “preconnect” ? I’d like to include some preconnect resource hints on my site so that browsers can (for example) connect to the jQuery
I’d like to include some preconnect resource hints on my site so that browsers can (for example) connect to the jQuery CDN before they actually see the script tag that invokes the CDN. I’m not sure whether I should include the “crossorigin” attribute or what its value should be. The spec says, in part,
To initiate a preconnect, the user agent must run these steps:
[…]
Let corsAttributeState be the current state of the element's crossorigin content attribute.
Let credentials be a boolean value set to true.
If corsAttributeState is Anonymous and origin is not equal to current Document's origin, set credentials to false.
Attempt to obtain connection with origin and credentials.
I don’t know how to interpret this algorithm. If I’m preconnecting to a CDN, which will let anyone download its content without any sort of credentials, what value should I use for the “crossorigin” attribute?
More posts by @Berryessa370
1 Comments
Sorted by latest first Latest Oldest Best
So far i understand the usage of crossorigin, specially in terms of its values anonymous and use-credentials, you should use crossorigin="use-credentials"in case:
you use assets, like images or videos, which have a crossorigin attribute
you plan to carry cookies, HTTP authentication, and client-side SSL certificates between origins, based on the user agent's previous interactions with the origin.
Additionally to the documentation cited by you i got this and that. But indeed the documentation is misleading and contains misspelling: the first calls it use-credentials, the second - user-credentials.
Anyway, in my understanding:
no crossorigin at all equals crossorigin="anonymous"
crossorigin equals crossorigin="use-credentials"
Maybe somebody would correct me.
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.