nicjansma
commented
1 year ago @mamumu123 per the current ResourceTiming spec, several attributes are "protected" from being read by JavaScript if they are cross-origin and that resources does not have the Timing-Allow-Origin header.
As a web developer, using dev tools, you should be able to see the full values. But that may differ from what JavaScript can read.
More details here: https://www.w3.org/TR/resource-timing-2/#sec-cross-origin-resources
I originally wanted to count the proportion of users using H3. I found the API nexthopprotocol, but when I opened the cross domain plug-in test, I found this problem.
How to reproduce: here is a demo, add this png(https://imgcache.qq.com/qcloud/public/static/avatar0_100.20191230.png) in website then, in chrome -> devtool -> network , it was 'h2';
bug in console ,nextHopProtocol is ''.
In my opinion, ’devtool -> network‘ comes from the server response, bug nextHopProtocol is " The nextHopProtocol read-only property is a string representing the network protocol used to fetch the resource, as identified by the ALPN Protocol ID (RFC7301).When a proxy is used, if a tunnel connection is established, this property returns the ALPN Protocol ID of the tunneled protocol. Otherwise, this property returns the ALPN Protocol ID of the first hop to the proxy." so they are different ?