HTML <script> crossorigin Attribute
The HTML <script> crossorigin Attribute is used for loading an external script into their domain from a third party server or another domain with the support of HTTP CORS Request. This attribute is used to protect sensitive information from the third party when fetching out the results.
Cross-Origin Resource Sharing(CORS) is a tool that allows web pages requesting for resources from another domain that is outside of their own domain. It is also used for managing cross-origin requests which is a request for a resource from an outside domain.
<script crossorigin="anonymous | use-credentials">
- anonymous: It has a default value. It defines a CORS request will be sent without passing the credentials information.
- use-credentials: A cross-origin request will be sent with credentials, cookies, and certificate.
Note: This attribute is only valid for use if we try to fetch the resources from the third party domain.
Example: Below code illustrates the use of crossorigin attribute with the <script> element.
- Google Chrome 30.0
- Firefox 13.0
- Microsoft Edge 18.0
- Opera 12.0
- Safari 1.0