Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

CROSSORIGIN and CREDENTIALS on prefetch requests #435

Open
wants to merge 20 commits into
base: main
Choose a base branch
from
Open

CROSSORIGIN and CREDENTIALS on prefetch requests #435

wants to merge 20 commits into from

Conversation

giorgiopellegrino
Copy link

@giorgiopellegrino giorgiopellegrino commented Dec 5, 2024
edited
Loading

Dear @addyosmani @XhmikosR ,

I am submitting this pull request to address issues encountered within our Luxottica e-commerce group, where we observed inconsistent resource prefetching behavior across different browsers.

Currently, three prefetching methods are implemented:

  1. viaDom – Prefetches resources without checking the Access-Control-Allow-Origin header, using the attribute crossorigin="anonymous".
  2. viaXhr – Fetches resources while always validating the Access-Control-Allow-Credentials response header.
  3. viaFetch – Executes a fetch request that defaults to mode: "cors" and checks Access-Control-Allow-Origin, while credentials: "include" ensures Access-Control-Allow-Credentials validation.
    Additionally, I have handled resource prioritization for Safari devices, adding the priority: "low|high" property specifically for fetch requests. All parameters are set to false by default but can be adjusted as needed.

The updated method signature for prefetching is as follows:

prefetch(url, isPriority, checkAccessControlAllowOrigin, checkAccessControlAllowCredentials);

window.addEventListener('load', () => {
  quicklink.listen({el, priority,
                    checkAccessControlAllowOrigin, checkAccessControlAllowCredentials});
});

I would appreciate your review of these improvements.

Thank you,
Giorgio

c.c. @gilbertococchi

giorgiopellegrino and others added 19 commits May 9, 2024 13:33
@giorgiopellegrino
add isCrossorigin attribute to prefetch method
49a212f
@giorgiopellegrino
added javascript doc
fdd7d23
@giorgiopellegrino
crossorigin call from fetch and prefetch
41c8df5
@giorgiopellegrino
removed xhr and added Access-Control-Allow-Origin header check
1f2aa43
@giorgiopellegrino
javascript doc fixes
b0cf0d5
@giorgiopellegrino
Add attribute to manage AccessControllAllowCredentials
7cd5371
@giorgiopellegrino
2.3.0
0087419
@giorgiopellegrino
2.4.0
b53152d
@giorgiopellegrino
removed exception handler
bcb74c8
@giorgiopellegrino
Merge branch 'GoogleChromeLabs:main' into main
dfb6161
@giorgiopellegrino
2.4.0
281255c
@giorgiopellegrino
Added prerender eagerness property
34e0980
@giorgiopellegrino
Added prefetch fallback for eagerness prerender
5b0b288
@giorgiopellegrino
added missing variable declaration
c47627e
@giorgiopellegrino
added fallback prefetch module refactoring
dcd924b
@giorgiopellegrino
2.4.0
ec067f5
@giorgiopellegrino
fix decodeURIComponent
8afc88c
@giorgiopellegrino
Refactoring call prefetchOnHover function to clean up index.mjs
bc6f2cd
@giorgiopellegrino
Added control of Access-Control-Allow-Origin and Credentials
037e592
@giorgiopellegrino giorgiopellegrino mentioned this pull request Dec 5, 2024
Closed
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@giorgiopellegrino