来自 MDN
匿名的
A cross-origin request (i.e., with Origin: HTTP header) is performed. But no credential is sent (i.e., no cookie, no X.509 certificate, and no HTTP Basic authentication is sent). If the server does not give credentials to the origin site (by not setting the Access-Control-Allow-Origin: HTTP header), the image will be tainted and its usage restricted.
使用凭证
A cross-origin request (i.e., with Origin: HTTP header) performed with credential is sent (i.e., a cookie, a certificate, and HTTP Basic authentication is performed). If the server does not give credentials to the origin site (through Access-Control-Allow-Credentials: HTTP header), the image will be tainted and its usage restricted.
但是,它们之间的用法区别是什么。
最佳答案
不同之处在于,凭据是针对来自该元素的请求发送的。服务器可能需要凭据才能批准请求。
关于cors - 跨域匿名和使用凭证有什么区别,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/47378997/