This is an experimental technology
Because this technology's specification has not stabilized, check the compatibility table for the proper prefixes to use in various browsers. Also note that the syntax and behavior of an experimental technology is subject to change in future versions of browsers as the spec changes.
The credentials
read-only property of the Request
interface indicates whether the user agent should send cookies from the other domain in the case of cross-origin requests. This is similar to XHR’s withCredentials
flag, but with three available values (instead of two):
omit
: Never send cookies.same-origin
: Only send cookies if the URL is on the same origin as the calling script.include
: Always send cookies, even for cross-origin calls.
Syntax
var myCred = request.credentials;
Value
A RequestCredentials
value.
Example
In the following snippet, we create a new request using the Request.Request()
constructor (for an image file in the same directory as the script), then save the request credentials in a variable:
var myRequest = new Request('flowers.jpg'); var myCred = myRequest.credentials; // returns "omit" by default
Specifications
Specification | Status | Comment |
---|---|---|
Fetch The definition of 'credentials' in that specification. |
Living Standard | Initial definition |
Browser compatibility
Feature | Chrome | Firefox (Gecko) | Internet Explorer | Opera | Safari (WebKit) |
---|---|---|---|---|---|
Basic support | 42 41[1] |
39 (39) 34[1] |
Not supported |
29 |
Not supported |
Feature | Android | Firefox Mobile (Gecko) | Firefox OS (Gecko) | IE Phone | Opera Mobile | Safari Mobile | Chrome for Android |
---|---|---|---|---|---|---|---|
Basic support | Not supported | Not supported | Not supported | Not supported | Not supported | Not supported | Not supported |
[1] This feature is implemented behind a preference.