Request.credentials - Web APIs 编辑

The credentials read-only property of the Request interface indicates whether the user agent should send cookies from the other domain in the case of cross-origin requests.

Syntax

var myCred = request.credentials;

Value

A RequestCredentials dictionary value indicating whether the user agent should send cookies from the other domain in the case of cross-origin requests. Possible values are:

• omit: Never send or receive cookies.
• same-origin: Send user credentials (cookies, basic http auth, etc..) if the URL is on the same origin as the calling script. This is the default value.
• include: Always send user credentials (cookies, basic http auth, etc..), even for cross-origin calls.

This is similar to XHR’s withCredentials flag, but with three available values instead of two.

Example

In the following snippet, we create a new request using the Request.Request() constructor (for an image file in the same directory as the script), then save the request credentials in a variable:

var myRequest = new Request('flowers.jpg');
var myCred = myRequest.credentials; // returns "same-origin" by default

Specifications

Browser compatibility

BCD tables only load in the browser

See also

• ServiceWorker API
• HTTP access control (CORS)
• HTTP