quicklink icon indicating copy to clipboard operation
quicklink copied to clipboard
verified publisher icon GoogleChromeLabs

Update request for "quicklink" library to fix CORS errors

Open giorgiopellegrino opened this issue 1 year ago • 2 comments

Hi @gilbertococchi @addyosmani ,

I am contacting you to ask for an update of the “quicklink” library in order to solve a problem related to CORS errors during resource prefetching.

Specifically, I would like to have the attribute “crossorigin=”anonymous“” added while the prefetch link element is added to the DOM in the “src/prefetch.mjs” file. This is the updated code I would like to implement:

image

The reason for this change is to ensure that prefetched resources are not treated as opaque resources but as cors resources, thus avoiding possible CORS errors when they are retrieved from the cache.

Here is an example of the error that currently occurs when a prefetched resource is called from the cache:

image

Alternatively, one solution might be to allow the user to choose whether to add the “cross-origin” attribute using the API. An example of a call could be: quicklink.prefetch("URLResource", false, {crossorigin:"anonymous"});

Thank you for your attention and timely resolution of this issue.

Sincerely yours,

Giorgio Pellegrino.

giorgiopellegrino avatar May 06 '24 17:05 giorgiopellegrino

Hi Giorgio, thanks for opening this issue.

It seems like you would like to personalize the crossorigin attribute of the Fetch or Link=Prefetch tags generated by QuickLink.

Would you be able to open a PR with the suggested code change? I would be happy to review and provide some suggestions.

Currently the quicklink.prefetch method only support the boolean config isPriority.

It would be required to switch to an option method as you suggested and that may fall as a breaking change.

gilbertococchi avatar May 09 '24 09:05 gilbertococchi

Dear @gilbertococchi @addyosmani ,

I would like to inform you that I have processed a pull request (https://github.com/GoogleChromeLabs/quicklink/pull/423).

I would kindly appreciate instructions on any further actions necessary to ensure the validity of the above request.

Thank you.

Giorgio

giorgiopellegrino avatar May 09 '24 11:05 giorgiopellegrino

Good evening,

I would like to inform you that I have submitted a new pull request, which includes checks for both Access-Control-Allow-Origin and Access-Control-Allow-Credentials. Could you please expedite the approval process, as my performance team requires it?

Thank you @gilbertococchi @addyosmani @XhmikosR ,
Giorgio

giorgiopellegrino avatar Oct 25 '24 18:10 giorgiopellegrino

Hello,

I am attaching a new pull request that implements fixes to address issues with Access-Control-Allow-Origin and Access-Control-Allow-Credentials checks across different browsers, including fallback handling for XHR calls.

You can review the changes here: https://github.com/GoogleChromeLabs/quicklink/pull/434.

Best,

Giorgio

giorgiopellegrino avatar Oct 29 '24 17:10 giorgiopellegrino

The pull request https://github.com/GoogleChromeLabs/quicklink/pull/435 has been merged. I’ll go ahead and close the ticket. Thank you all for your collaboration. Giorgio

giorgiopellegrino avatar May 20 '25 10:05 giorgiopellegrino