Cross-Origin-Resource-Policy:

Cross-Origin-Resource-Policy:

[7] Cross-Origin-Resource-Policy: ヘッダーは、 ドメイン横断アクセスに関する設定を記述できるものです。

仕様書

ヘッダー値

[8] ヘッダー値は、 same-originsame-site のいずれかです。大文字小文字は区別されます>>6

歴史

[5] From-Origin: ヘッダーの提案がいろいろあってこのヘッダー名になりました。

[1] Define hosts' public suffix and registrable domain. by mikewest · Pull Request #391 · whatwg/url () https://github.com/whatwg/url/pull/391

[2] Define Cross-Origin-Resource-Policy response header (annevk著, ) https://github.com/whatwg/fetch/commit/0cec471b1ba938d775415e2ea08a2d2be4e72413

[3] Define Cross-Origin-Resource-Policy response header by annevk · Pull Request #733 · whatwg/fetch () https://github.com/whatwg/fetch/pull/733

[4] Fetch: test Cross-Origin-Resource-Policy: same-site's scheme restriction by annevk · Pull Request #11428 · web-platform-tests/wpt () https://github.com/web-platform-tests/wpt/pull/11428

[9] Release Notes for Safari Technology Preview 59 | WebKit () https://webkit.org/blog/8332/release-notes-for-safari-technology-preview-59/

[10] Editorial: use %s ABNF notation (annevk著, ) https://github.com/whatwg/fetch/commit/e69e9c2b73b1aac124de47e8f32ee8979dfdb77a

[11] Remove "combined value" concept (yutakahirano著, ) https://github.com/whatwg/fetch/commit/8324d0a8192ce4b48de512d714726fe06fb92851

[12] Fetch Standard () https://fetch.spec.whatwg.org/#cross-origin-resource-policy-header

[13] Editorial: use origin-based "schemelessly same site" (domenic, , ) https://github.com/whatwg/fetch/commit/493c02127f49d6e9a4df5d56e2fcfa7fbaff48b2