The crossorigin attribute on a <link> tag specifies that CORS is supported when loading stylesheet or icon files from a third party server or domain.
CORS is a standard mechanism used to retrieve files from other domains.
A <link> element with a
With this attribute, the link supports CORS. No credentials are sent when the stylesheet is retrieved.
<link crossorigin="anonymous" rel="stylesheet" href="/tutorial/style.css">
Note: the example stylesheet is not retrieved from a third party server, but you get the idea.
The crossorigin attribute specifies that the link element supports CORS.
CORS stands for Cross Origin Resource Sharing.
CORS is a standard mechanism to retrieve files from a third party domain or server.
If specified, the stylesheet or icon file request will be sent with or without credentials.
Note: This attribute is only relevant when the stylesheet or icon is retrieved from a third party server. Do not use this attribute when these files are on your own server.
<link crossorigin="anonymous | use-credentials">
|anonymous or "" or blank||
A cross-origin request will be sent without credentials and performs basic HTTP authentication.
This is the default. Note:
|use-credentials||A cross-origin request will be sent with credentials, cookies, and certificate.|
Here is when crossorigin support started for each browser:
Back to <link>