quicklink icon indicating copy to clipboard operation
quicklink copied to clipboard

Published 20 hours ago verified publisher icon GoogleChromeLabs

add crossorigin attribute to prefetch method

Open giorgiopellegrino opened this issue 1 year ago • 7 comments

Hi. I added a new boolean parameter to the prefetch(url, isPriority, isCrossorigin) method.

When isCrossorigin is true, XHR calls will occur with mode: “cors”, and prefetch will add the crossorigin=“anonymous” attribute to the link element. On the other hand, if isCorssorigin is false (default value), XHR calls will occur with credentials: “include”, and the prefetch will add the crossorigin=“use-credentials” attribute to the link element.

I hope this feature will be useful as well as to me to the whole community. Thank you!

Giorgio

giorgiopellegrino avatar May 09 '24 11:05 giorgiopellegrino

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

google-cla[bot] avatar May 09 '24 11:05 google-cla[bot]

@giorgiopellegrino please make sure everything is green locally and add a new test case too.

XhmikosR avatar May 10 '24 04:05 XhmikosR

Sorry, I forgot to run the npm run eslint-fix command and run the automatic tests. I entered the JsDOCs and renamed the parameter from isCrossorigin to onlySameOrigin. Therefore, using the API prefetch(url, isPriority, onlySameOrigin) will remain unchanged from before. However, if the last parameter is set to true as follows: prefetch(url, false, true), then XHR calls will be made with “include” credentials, and the prefetch will add the crossorigin=“use-credentials” attribute to the link element.

giorgiopellegrino avatar May 10 '24 08:05 giorgiopellegrino

I decided to simplify my feature by adding only the boolean parameter addCrossorigin to the prefetch(url, isPriority, addCrossorigin) method. When set to true, this parameter adds the crossorigin=“anonymous” attribute to the prefetch link. Thank you. Giorgio

giorgiopellegrino avatar May 10 '24 18:05 giorgiopellegrino

Dear @XhmikosR ,

I would like to inform you that I recently performed a pull procedure from the main branch in order to keep the xmr/prefetch-crossorigin branch aligned with the same main branch.

I would appreciate any instructions regarding the next steps to be taken or if it is necessary to wait for certain developments before proceeding with merging my branch on the main branch, so to approve the PR.

I thank you in advance for the valuable information you would like to share.

Sincerely, Giorgio

giorgiopellegrino avatar May 13 '24 11:05 giorgiopellegrino

@XhmikosR thanks for all your help on this PR so far! May I ask if you can please review the latest change and if the PR looks good to you at this point?

@addyosmani FYI

gilbertococchi avatar Jun 03 '24 16:06 gilbertococchi

Hi @XhmikosR ,
I am writing to kindly ask you to verify the requested merge. In order to use quicklink, we need to make requests with CORS resource control, applying the crossorigin attribute to the scripts and links we intend to prefetch.
Would it be possible to control this merge? I thank you in advance for your availability.
Best regards. FYI @gilbertococchi

giorgiopellegrino avatar Oct 11 '24 13:10 giorgiopellegrino

Hello @XhmikosR ,

I have submitted a pull request to enable the prefetching of resources while deciding whether the browser should check the response headers for Access-Control-Allow-Origin and Access-Control-Allow-Credentials. This is done by adding two arguments to the prefetch method: checkAccessControlAllowOrigin and checkAccessControlAllowCredentials. I have also run the necessary tests. Could you kindly review and approve the pull request?

Thank you.

Giorgio

cc @gilbertococchi

giorgiopellegrino avatar Oct 25 '24 18:10 giorgiopellegrino