The credentials read-only property of the Request interface indicates whether the user agent should send cookies from the other domain in the case of cross-origin requests. This is similar to XHR’s withCredentials flag, but with three available values (instead of two):
omit: Never send cookies.same-origin: Send user credentials (cookies, basic http auth, etc..) if the URL is on the same origin as the calling script.include: Always send user credentials (cookies, basic http auth, etc..), even for cross-origin calls.var myCred = request.credentials;
A RequestCredentials value.
In the following snippet, we create a new request using the Request.Request() constructor (for an image file in the same directory as the script), then save the request credentials in a variable:
var myRequest = new Request('flowers.jpg');
var myCred = myRequest.credentials; // returns "omit" by default | Specification | Status | Comment |
|---|---|---|
| Fetch The definition of 'credentials' in that specification. | Living Standard | Initial definition |
| Feature | Chrome | Edge | Firefox (Gecko) | Internet Explorer | Opera | Safari (WebKit) |
|---|---|---|---|---|---|---|
| Basic support | 42 41[1] | (Yes) |
39 (39) 34[1] | No support | 29 | No support |
| Feature | Android | Edge | Firefox Mobile (Gecko) | Firefox OS (Gecko) | IE Phone | Opera Mobile | Safari Mobile | Chrome for Android |
|---|---|---|---|---|---|---|---|---|
| Basic support | No support | (Yes) | No support | No support | No support | No support | No support | No support |
[1] This feature is implemented behind a preference.
© 2005–2018 Mozilla Developer Network and individual contributors.
Licensed under the Creative Commons Attribution-ShareAlike License v2.5 or later.
https://developer.mozilla.org/en-US/docs/Web/API/Request/credentials