This content originally appeared on Stefan Judis Web Development and was authored by Stefan Judis
While reading Jake Archibald's article How to win at CORS, I learned that classic and module scripts treat CORS (Cross-Origin Resource Sharing) differently.
<!-- Not a CORS request -->
<script src="https://example.com/script.js"></script>
<!-- CORS request -->
<script type="module" src="https://example.com/script.js"></script>
If you're requesting a JavaScript file in a module context the response needs to define an Access-Control-Allow-Origin header or it will be blocked by the browser.
Classic scripts don't require it to not break the web and guarantee backward compatibility. Very interesting! If you want to learn more, read the article. It's a good one.
Reply to Stefan
This content originally appeared on Stefan Judis Web Development and was authored by Stefan Judis
Stefan Judis | Sciencx (2021-10-16T22:00:00+00:00) Cross-origin module scripts require CORS response headers (#tilPost). Retrieved from https://www.scien.cx/2021/10/16/cross-origin-module-scripts-require-cors-response-headers-tilpost/
Please log in to upload a file.
There are no updates yet.
Click the Upload button above to add an update.