crossorigin属性的用途...？ [英] Purpose of the crossorigin attribute ...?

问题描述

在图像和脚本标签中。

我的理解是，您可以访问其他域上的脚本和图像。因此，何时使用此属性？

My understanding was that you can access both scripts and images on other domains. So when does one use this attribute?

当你想限制其他人访问你的脚本和图像的能力吗？

Is this when you want to restrict the ability of others to access your scripts and image?

图片

https://developer.mozilla.org/en-US/docs/Web/HTML/Element/img#attr-crossorigin

脚本

https： //developer.mozilla.org/en-US/docs/Web/HTML/Element/script

推荐答案

启用CORS的图像可以在元素中重复使用，而不会被污染。允许的值为：

CORS-enabled images can be reused in the element without being tainted. The allowed values are:

页面已经回答了您的问题。

The page already answers your question.

如果你有一个跨源图像，你可以将它复制到一个画布，但这污点的画布，阻止你阅读它（所以你不能偷图像，例如从网站本身无法访问的Intranet ）。但是，通过使用CORS，存储图像的服务器可以告诉浏览器允许跨源访问，因此您可以通过画布访问图像数据。

If you have a cross-origin image you can copy it into a canvas but this "taints" the canvas which prevents you from reading it (so you cannot "steal" images e.g. from an intranet where the site itself doesn't have access to). However, by using CORS the server where the image is stored can tell the browser that cross-origin access is permitted and thus you can access the image data through a canvas.

MDN还有一个有关这个问题的页面： https://developer.mozilla.org/en-US/ docs / HTML / CORS_Enabled_Image

MDN also has a page about just this thing: https://developer.mozilla.org/en-US/docs/HTML/CORS_Enabled_Image

当您想限制他人访问您的脚本和图片的能力时， / p>

Is this when you want to restrict the ability of others to access your scripts and image?

否。

这篇关于crossorigin属性的用途...？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！