Crossorigin attribute
Categories:
crossorigin type
| Type | Description |
|---|---|
| anonymous | There is no exchange of user credentials via cookies, client-side SSL certificates or HTTP authentication, unless destination is the same origin. |
| use-credentials | user credentials are always included. |
crossorigin anonymous
These are all crossorigin anonymous.
<link crossorigin="anonymous">
<link crossorigin="">
<link crossorigin>
If you omit the crossorigin attribute, the browser only performs the DNS lookup.
Crossorigin valid tags
<audio><img><link><script><video>
<script src="other.js" crossorigin="anonymous"></script>
<link rel="manifest" href="/app.webmanifest" crossorigin="use-credentials">