HTML <script> crossorigin Attribute

❮ HTML <script> tag

Example

<script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.bundle.min.js" integrity="sha384-U1DAWAznBHeqEIlVSCgzq+c9gqGAJn5c/t99JyeKa9xxaYpSvHU5awsuZVVFIhvj" crossorigin="anonymous"></script>

Meaning

The crossorigin attribute specifies whether or not script error information will be revealed from the script(This is used only when scripts are being loaded from different origins).

The CORS (Cross-Origin Resource Sharing) is a system, consisting of transmitting HTTP headers, that determines whether browsers block frontend JavaScript code from accessing responses for cross-origin requests.

The same-origin security policy forbids cross-origin access to resources. But CORS gives web servers the ability to say they want to opt into allowing cross-origin access to their resources.


Standard Syntax

<script crossorigin="anonymous|use-credentials"></script>



Browser Support




Status







Attribute Values

Value Description
anonymous A cross-origin request is performed. No credentials are sent.
use-credentials A cross-origin request is performed. Credentials are sent (e.g. a cookie, a certificate, a HTTP Basic authentication).
❮ HTML <script> tag