The crossorigin attribute in html

Others 2021-03-22 12:18:11 views: null

The crossorigin attribute in html

Article Directory

Preface

Elements with crossorigin attribute in html are: script, link, img. Both are used for CORS requests.

1. The role of crossorigin attribute in script

When introducing a cross-domain script (such as using the library file on apis.google.com), if the script has an error, because of browser limitations (the root cause is the agreement), you will not get the error message. When locally trying to use window.onerror to record script errors, cross-domain scripting errors will only return Script error.

The new HTML5 regulations allow local access to cross-domain scripting error information, but there are two conditions: one is that the cross-domain scripting server must allow the current domain name to obtain the error through the Access-Control-Allow-Origin header. Information, the second is that the script tag in the web page must also indicate that the address specified by the src attribute is an address that supports cross-domain, that is, the crossorigin attribute. With these two conditions, you can get the error message of cross-domain scripting.

But when scriptin srca cross-domain html resources, its error message may leak private information, so you need to carefully consider carefully whether to use crossorigin property.

Second, the role of the crossorigin attribute in img and link

After the crossorigin attribute is added to img and link, canvas can not only read the data of image resources under another domain name, but also perform operations on it, just like operating images under the same domain name.
When it is not added, canvas can only read image resources under different domain names in tainted mode. "taint" means coloring and filming, such as filming on car windows. I understand that the "sticking film" method in the browser should mean that only pictures can be posted on the canvas, but the pictures cannot be read out as data, so as to prevent certain private information from being transmitted to other places along with the pictures.

Reference blog post: https://www.chrisyue.com/what-the-hell-is-crossorigin-attribute-in-html-script-tag.html

Guess you like

Origin blog.csdn.net/wdhxs/article/details/110144117
Recommended
Linus is the most active in "eating dog food"!
Ranking
Share good programmer web front-end array and sorting, de-duplication and random roll call
Compilation error caused by cv_bridge and python version problems error: return-statement with no value, in function returning'void*' [-fpe
魔众帮助中心系统 v3.1.0 首页切换器,界面优化
Die beim Millimeterwellenradar-Integrationstest aufgetretene Grube (Multiprozessbindung an einen UDP-Port verursacht Probleme)
How to suppress the "requires transitive directive for an automatic module" warning properly?
LeetCode-1743. Restore the Array From Adjacent Pairs-Analysis and Code (Java)
Summer 2019 Summer soft essay 7 workers
Python中Assert断言的使用语法和例子
LeetCode one question per day (2021-2-3 sliding window median)
Fairchild, the ancestor of semiconductors, the legend of the first trillion-dollar start-up
Daily
More
2024-05-20(5)
2024-05-19(0)
2024-05-18(31)
2024-05-17(6)
2024-05-16(23)
2024-05-15(5)
2024-05-14(9)
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)

Code World

© 2018 codetd.com