Request.credentials
The credentials
read-only property of the Request
interface indicates whether the user agent should send cookies from the other domain in the case of cross-origin requests.
Value
A RequestCredentials
dictionary value indicating whether the user agent should send cookies from the other domain in the case of cross-origin requests. Possible values are:
omit
: Never send or receive cookies.same-origin
: Send user credentials (cookies, basic http auth, etc..) if the URL is on the same origin as the calling script. This is the default value.include
: Always send user credentials (cookies, basic http auth, etc..), even for cross-origin calls.
This is similar to XHR's withCredentials
flag, but with three available values instead of two.
Examples
In the following snippet, we create a new request using the Request()
constructor (for an image file in the same directory as the script), then save the request credentials in a variable:
var myRequest = new Request('flowers.jpg');
var myCred = myRequest.credentials; // returns "same-origin" by default
Specifications
Specification |
---|
Fetch Standard # ref-for-dom-request-credentials② |
Browser compatibility
BCD tables only load in the browser