In both image and script tags.
My understanding was that you can access both scripts and images on other domains. So when does one use this attribute?
Is this when you want to restrict the ability of others to access your scripts and image?
Images:
https://developer.mozilla.org/en-US/docs/Web/HTML/Element/img#attr-crossorigin
Scripts:
https://developer.mozilla.org/en-US/docs/Web/HTML/Element/script
The answer can be found in the specification.
For img
:
The
crossorigin
attribute is a CORS settings attribute. Its purpose is to allow images from third-party sites that allow cross-origin access to be used withcanvas
.
and for script
:
The
crossorigin
attribute is a CORS settings attribute. It controls, for scripts that are obtained from other origins, whether error information will be exposed.