Doesn't using Google CDN for jquery break the rule of not using cross domain requests on the webpage. Do we trust Google enough to do this?
To link normal jQuery from Google CDN, add the Google CDN address in the src attribute of the script tag. The jquery. js can be added like below. Let's understand how to link minified jQuery from Google CDN with the help of a complete example.
CORS Proxy Servers can specify that they want browsers to allow other websites to request resources they host. CORS Proxy is simply an HTTP Proxy that adds a header to responses saying "anyone can request this".
The use of script tags from a foreign website are allowed within the browser itself. Because it is presumed that you intend to load this functionality. The scripts loaded are not able to communicate directly with the foreign domain though (XHR same-origin, except with CORS). Now, this is precisely why you don't want to allow for un-checked user input that could load a script from a foreign site. It is possible for a foreign script to do things you don't want, but if it is from a trusted source, it should be fine.
If google was caught to be using an injection via their CDN, there would be severe backlash, and I doubt it would ever happen, and if it did, would be corrected far more quickly than you would even notice the issue.
No, it doesn't break the rules of cross domain requests. When you include jQuery from Google's CDN, you are simply including a resource into your page (much like linking to an image). This does not fall into the Same Origin Policy security concept to which I assume you refer, which mostly encompasses XHR (ajax) requests.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With