Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CROSSORIGIN and CREDENTIALS on prefetch requests #435

Open
wants to merge 20 commits into
base: main
Choose a base branch
from
Open

CROSSORIGIN and CREDENTIALS on prefetch requests #435

wants to merge 20 commits into from

Conversation

giorgiopellegrino
Copy link

@giorgiopellegrino giorgiopellegrino commented Dec 5, 2024
edited
Loading

Dear @addyosmani @XhmikosR ,

I am submitting this pull request to address issues encountered within our Luxottica e-commerce group, where we observed inconsistent resource prefetching behavior across different browsers.

Currently, three prefetching methods are implemented:

  1. viaDom – Prefetches resources without checking the Access-Control-Allow-Origin header, using the attribute crossorigin="anonymous".
  2. viaXhr – Fetches resources while always validating the Access-Control-Allow-Credentials response header.
  3. viaFetch – Executes a fetch request that defaults to mode: "cors" and checks Access-Control-Allow-Origin, while credentials: "include" ensures Access-Control-Allow-Credentials validation.
    Additionally, I have handled resource prioritization for Safari devices, adding the priority: "low|high" property specifically for fetch requests. All parameters are set to false by default but can be adjusted as needed.

The updated method signature for prefetching is as follows:

prefetch(url, isPriority, checkAccessControlAllowOrigin, checkAccessControlAllowCredentials);

window.addEventListener('load', () => {
  quicklink.listen({el, priority,
                    checkAccessControlAllowOrigin, checkAccessControlAllowCredentials});
});

I would appreciate your review of these improvements.

Thank you,
Giorgio

c.c. @gilbertococchi

giorgiopellegrino and others added 19 commits May 9, 2024 13:33
@giorgiopellegrino
add isCrossorigin attribute to prefetch method
49a212f
@giorgiopellegrino
added javascript doc
fdd7d23
@giorgiopellegrino
crossorigin call from fetch and prefetch
41c8df5
@giorgiopellegrino
removed xhr and added Access-Control-Allow-Origin header check
1f2aa43
@giorgiopellegrino
javascript doc fixes
b0cf0d5
@giorgiopellegrino
Add attribute to manage AccessControllAllowCredentials
7cd5371
@giorgiopellegrino
2.3.0
0087419
@giorgiopellegrino
2.4.0
b53152d
@giorgiopellegrino
removed exception handler
bcb74c8
@giorgiopellegrino
Merge branch 'GoogleChromeLabs:main' into main
dfb6161
@giorgiopellegrino
2.4.0
281255c
@giorgiopellegrino
Added prerender eagerness property
34e0980
@giorgiopellegrino
Added prefetch fallback for eagerness prerender
5b0b288
@giorgiopellegrino
added missing variable declaration
c47627e
@giorgiopellegrino
added fallback prefetch module refactoring
dcd924b
@giorgiopellegrino
2.4.0
ec067f5
@giorgiopellegrino
fix decodeURIComponent
8afc88c
@giorgiopellegrino
Refactoring call prefetchOnHover function to clean up index.mjs
bc6f2cd
@giorgiopellegrino
Added control of Access-Control-Allow-Origin and Credentials
037e592
@giorgiopellegrino giorgiopellegrino mentioned this pull request Dec 5, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@giorgiopellegrino