Request.credentials

The credentials read-only property of the Request interface indicates whether the user agent should send cookies from the other domain in the case of cross-origin requests.

Syntax

var myCred = request.credentials;

Value

A RequestCredentials dictionary value indicating whether the user agent should send cookies from the other domain in the case of cross-origin requests. Possible values are:

omit: Never send or receive cookies.
same-origin: Send user credentials (cookies, basic http auth, etc..) if the URL is on the same origin as the calling script. This is the default value.
include: Always send user credentials (cookies, basic http auth, etc..), even for cross-origin calls.

This is similar to XHR’s withCredentials flag, but with three available values instead of two.

Example

In the following snippet, we create a new request using the Request.Request() constructor (for an image file in the same directory as the script), then save the request credentials in a variable:

var myRequest = new Request('flowers.jpg');
var myCred = myRequest.credentials; // returns "same-origin" by default

Specifications

Specification	Status	Comment
Fetch The definition of 'credentials' in that specification.	Living Standard	Initial definition

Browser compatibility

	Desktop						Mobile
	Chrome	Edge	Firefox	Internet Explorer	Opera	Safari	Android webview	Chrome for Android	Firefox for Android	Opera for Android	Safari on iOS	Samsung Internet
`credentials` Experimental	Chrome Full support 42 Full support 42 Full support 41 Disabled Disabled From version 41: this feature is behind the `Experimental Web Platform Features` preference. To change preferences in Chrome, visit chrome://flags.	Edge Full support 14	Firefox Full support 39 Full support 39 Full support 34 Disabled Disabled From version 34: this feature is behind the `dom.fetch.enabled` preference. To change preferences in Firefox, visit about:config.	IE No support No	Opera Full support 29 Full support 29 Full support 28 Disabled Disabled From version 28: this feature is behind the `Experimental Web Platform Features` preference.	Safari Full support 10.1	WebView Android Full support 42	Chrome Android Full support 42	Firefox Android Full support Yes	Opera Android Full support 29 Full support 29 Full support 28 Disabled Disabled From version 28: this feature is behind the `Experimental Web Platform Features` preference.	Safari iOS Full support 10.3	Samsung Internet Android Full support 4.0
Default value `same-origin`	Chrome Full support 72	Edge Full support 18	Firefox Full support 61	IE No support No	Opera Full support 55	Safari Full support 12.1	WebView Android Full support 72	Chrome Android Full support 72	Firefox Android Full support Yes	Opera Android No support No	Safari iOS Full support 12.2	Samsung Internet Android Full support 11.0

Legend

Full support: Full support
No support: No support
Experimental. Expect behavior to change in the future.: Experimental. Expect behavior to change in the future.
User must explicitly enable this feature.: User must explicitly enable this feature.