Request.credentials

The credentials read-only property of the Request interface indicates whether the user agent should send cookies from the other domain in the case of cross-origin requests. This is similar to XHR’s withCredentials flag, but with three available values (instead of two):

omit: Never send cookies.
same-origin: Send cookies if the URL is on the same origin as the calling script.
include: Always send cookies, even for cross-origin calls.

Syntax

var myCred = request.credentials;

Value

A RequestCredentials value.

Example

In the following snippet, we create a new request using the Request.Request() constructor (for an image file in the same directory as the script), then save the request credentials in a variable:

var myRequest = new Request('flowers.jpg');
var myCred = myRequest.credentials; // returns "omit" by default

Specifications

Specification	Status	Comment
Fetch The definition of 'credentials' in that specification.	Living Standard	Initial definition

Feature	Chrome	Edge	Firefox (Gecko)	Internet Explorer	Opera	Safari (WebKit)
Basic support	42 41^[1]	(Yes)	39 (39) 34^[1]	No support	29 28^[1]	No support

Feature	Android	Edge	Firefox Mobile (Gecko)	Firefox OS (Gecko)	IE Phone	Opera Mobile	Safari Mobile	Chrome for Android
Basic support	No support	(Yes)	No support	No support	No support	No support	No support	No support

[1] This feature is implemented behind a preference.

Syntax

Value

Example

Specifications

Browser compatibility

See also

Document Tags and Contributors