Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CROSSORIGIN, CREDENTIALS, PRIORITY and ACCEPT MIME #434

Open
wants to merge 11 commits into
base: main
Choose a base branch
from
Open

CROSSORIGIN, CREDENTIALS, PRIORITY and ACCEPT MIME #434

wants to merge 11 commits into from

Conversation

giorgiopellegrino
Copy link

Dear @addyosmani @XhmikosR ,

I am submitting this pull request to address issues encountered within our Luxottica e-commerce group, where we observed inconsistent resource prefetching behavior across different browsers.

Currently, three prefetching methods are implemented:

  1. viaDom – Prefetches resources without checking the Access-Control-Allow-Origin header, using the attribute crossorigin="anonymous".
  2. viaXhr – Fetches resources while always validating the Access-Control-Allow-Credentials response header.
  3. viaFetch – Executes a fetch request that defaults to mode: "cors" and checks Access-Control-Allow-Origin, while credentials: "include" ensures Access-Control-Allow-Credentials validation.

Additionally, I have handled resource prioritization for Safari devices, adding the priority: "low|high" property specifically for fetch requests. All parameters are set to false by default but can be adjusted as needed.

The updated method signature for prefetching is as follows:

prefetch(url, isPriority, checkAccessControlAllowOrigin, checkAccessControlAllowCredentials)

I would appreciate your review of these improvements.

Thank you,
Giorgio

c.c. @gilbertococchi

@giorgiopellegrino giorgiopellegrino mentioned this pull request Oct 29, 2024
Open
github-advanced-security[bot]
github-advanced-security bot found potential problems Nov 21, 2024
View reviewed changes
src/prefetch.mjs
// TODO: Investigate using preload for high-priority
// fetches. May have to sniff file-extension to provide
// valid 'as' values. In the future, we may be able to
// use Priority Hints here.
//
// As of 2018, fetch() is high-priority in Chrome
// and medium-priority in Safari.
return window.fetch ? fetch(url, {credentials: 'include'}) : viaXHR(url);
options = {headers: {accept: '*/*'}};

Check warning

Code scanning / CodeQL

Missing variable declaration Warning

Variable options is used like a local variable, but is missing a declaration.
@giorgiopellegrino
Copy link
Author

Hello @addyosmani ,

I noticed that the code in the pull request did not pass the size limit test. Could you consider increass the size limits? The increase in resource size is due to the introduction of new arguments and parameters.

Thank you,
Giorgio

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@giorgiopellegrino