tc39 / proposal-dynamic-import

import() proposal for JavaScript
https://tc39.github.io/proposal-dynamic-import/
MIT License
1.86k stars 47 forks source link

Authentication and dynamic imports #60

Closed aapoalas closed 6 years ago

aapoalas commented 6 years ago

Hello

Chrome has already rolled out dynamic ES6 imports. I have been wanting to try it out with a system where part of the UI data is fetched from a remote server / other localhosted server. Problem is that this data is, naturally, hidden behind an authentication layer and, as far as I understand, there is currently no way to send credentials with the dynamic import.

I readily admit myself to be woefully ignorant of the deeper implications of credentials inclusion in dynamic imports, but it does nevertheless seem to me like this feature will be of utmost importance to many use cases. Is there any road map with regards to authentication with dynamic imports?

domenic commented 6 years ago

You can use them within a <script> whose crossorigin="" attribute is set appropriately to give credentials. This applies to all imports, not just dynamic ones.

aapoalas commented 6 years ago

Ah, thank you for enlightening me! Now I feel way stupid :)

mattdsteele commented 6 years ago

@domenic For my understanding, does that mean I can do:

<script type="module" src="foo.js" crossorigin=""></script>
// foo.js

import './bar.js';
import('./baz.js');

Then foo.js, bar.js and baz.js should all be loaded with credentials?