A document can only load resources from the same origin, or resources explicitly marked as loadable from another origin. If a cross origin resource supports CORS, the crossorigin attribute or the Cross-Origin-Resource-Policy header must be used to load it without being blocked by COEP.
The feature is backwards-compatible as it is disabled by default.
hi @camsong
this PR will allow applications to set the
crossorigin
attribute on the script tag. This allows for more finegrained control over cross-origin resources especially when used together with https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Embedder-Policy.The feature is backwards-compatible as it is disabled by default.