The credentials
read-only property of the Request
interface indicates whether the user agent should send cookies from the other domain in the case of cross-origin requests. This is similar to XHR’s withCredentials
flag, but with three available values (instead of two):
omit
: Never send cookies.same-origin
: Send cookies if the URL is on the same origin as the calling script.include
: Always send cookies, even for cross-origin calls.
Syntax
var myCred = request.credentials;
Value
A RequestCredentials
value.
Example
In the following snippet, we create a new request using the Request.Request()
constructor (for an image file in the same directory as the script), then save the request credentials in a variable:
var myRequest = new Request('flowers.jpg'); var myCred = myRequest.credentials; // returns "omit" by default
Specifications
Specification | Status | Comment |
---|---|---|
Fetch The definition of 'credentials' in that specification. |
Living Standard | Initial definition |
Browser compatibility
Feature | Chrome | Edge | Firefox (Gecko) | Internet Explorer | Opera | Safari (WebKit) |
---|---|---|---|---|---|---|
Basic support | 42 41[1] |
(Yes) | 39 (39) 34[1] |
No support |
29 |
No support |
Feature | Android | Edge | Firefox Mobile (Gecko) | Firefox OS (Gecko) | IE Phone | Opera Mobile | Safari Mobile | Chrome for Android |
---|---|---|---|---|---|---|---|---|
Basic support | No support | (Yes) | No support | No support | No support | No support | No support | No support |
[1] This feature is implemented behind a preference.