Feature to opt-in to CORS preload requests

[xiemms]

js && css use CDN, and host is different with website host。 so i need set the crossorigin. if not these config preload js && css resources will be load twice

[jeffposnick]

Not every CDN supports CORS, so it would introduce compatibility issues with those CDNs if the crossorigin attribute were added unconditionally for every cross-origin URL.

Neither JavaScript nor CSS resources require CORS to be enabled for basic functionality (there are some restrictions on non-CORS JavaScript, but they're usually not deal-breakers).

Additionally, there needs to be a match between whether or not a CORS was used for the preload request and whether the crossorigin attribute is set on the <script> or <link rel="stylesheet"> when it's added to the DOM. If a preload takes place with CORS, but the resulting script or stylesheet usage doesn't specify crossorigin, then the preloaded response won't be used—and vice-versa.

So what it sounds like is that you're trying to preload some CSS or JS from a CDN and then when you actually use those resources in your page, you're specifying that they should be crossorigin.

Adding in a new config option to let you specifically opt-in to CORS preloading is possible, if there's significant demand, but it might be easier if you just removed the crossorigin attribute from your actual usage of the CSS or JS (unless it's actually needed for some reason).

How does that sound?

[zhangshme]

Sometimes we have to add crossorigin attribute to script tag, because if not, APM like elastic-apm-rum-js will only get Script Error instead of detailed error message when script is hosted on CDN.