html.crossorigin

Type: boolean | 'anonymous' | 'use-credentials'
Default: false

Set the crossorigin attribute of the <script> and <style> tags.

If true is passed, it will automatically be set to crossorigin="anonymous".
If false is passed, it will not set the crossorigin attr.

Example

export default {
  html: {
    crossorigin: 'anonymous',
  },
  output: {
    assetPrefix: 'https://example.com',
  },
};

After compilation, the <script> tag in HTML becomes:

<script
  defer
  src="https://example.com/static/js/main.js"
  crossorigin="anonymous"
></script>

The <style> tag becomes:

<link
  href="https://example.com/static/css/main.css"
  rel="stylesheet"
  crossorigin="anonymous"
/>

Tip

If the domain of static assets is the same as the current page, Rsbuild will not add the crossorigin="anonymous" attribute, as this attribute is not required for non-cross-domain scenario.

Optional values

crossorigin can the set to the following values:

anonymous: Request uses CORS headers and credentials flag is set to 'same-origin'. There is no exchange of user credentials via cookies, client-side SSL certificates or HTTP authentication, unless destination is the same origin.
use-credentials: Request uses CORS headers, credentials flag is set to 'include' and user credentials are always included.

#html.crossorigin

#Example

#Optional values

#html.crossorigin

#Example

#Optional values

html.crossorigin

Example

Optional values

html.crossorigin

Example

Optional values