crossorigin属性的目的...? [英] Purpose of the crossorigin attribute...?

问题描述

在图像标签和脚本标签中.

In both image and script tags.

我的理解是，您可以访问其他域上的脚本和图像.那么什么时候使用此属性?

My understanding was that you can access both scripts and images on other domains. So when does one use this attribute?

是否要限制其他人访问脚本和图像的能力?

Is this when you want to restrict the ability of others to access your scripts and image?

图片:

https://developer.mozilla. org/zh-CN/docs/Web/HTML/Element/img#attr-crossorigin

脚本:

https://developer.mozilla.org/zh-美国/docs/Web/HTML/Element/script

推荐答案

启用了CORS的图像可以在元素中重用而不会受到污染.允许的值为:

CORS-enabled images can be reused in the element without being tainted. The allowed values are:

页面已回答您的问题.

如果您有跨域图像，则可以将其复制到画布中，但这会弄脏"画布，从而阻止您阅读图像(因此，您将无法窃取"图像，例如，从站点本身无法访问的Intranet中获取图像)可使用).但是，通过使用CORS，存储图像的服务器可以告诉浏览器允许跨域访问，因此您可以通过画布访问图像数据.

If you have a cross-origin image you can copy it into a canvas but this "taints" the canvas which prevents you from reading it (so you cannot "steal" images e.g. from an intranet where the site itself doesn't have access to). However, by using CORS the server where the image is stored can tell the browser that cross-origin access is permitted and thus you can access the image data through a canvas.

MDN也有关于此内容的页面: https://developer. mozilla.org/zh-CN/docs/HTML/CORS_Enabled_Image

MDN also has a page about just this thing: https://developer.mozilla.org/en-US/docs/HTML/CORS_Enabled_Image

是否要限制其他人访问脚本和图像的能力?

Is this when you want to restrict the ability of others to access your scripts and image?

不.

这篇关于crossorigin属性的目的...?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！