This is an example of source code from an HTML page with basic settings:
1 2 3 4 | <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css" integrity="sha512-...==" crossorigin="anonymous" referrerpolicy="no-referrer" /> |
The integrity attribute is used to ensure that the resource is loaded – in this case, the CSS file from the external CDN. The attribute value contains a cryptographic hash of the file contents, which is checked against the downloaded file to verify its integrity.
The crossorigin attribute specifies how the browser should handle requests.
It can have one of three values: anonymous, use-credentials, or an empty string.
If the attribute is not present or has an empty string value, the browser will not send any CORS headers with the request.
The referrerpolicy attribute controls how much information about the referring URL is sent to the server.
You can use one of four values: no-referrer, no-referrer-when-downgrade, same-origin, or strict-origin-when-cross-origin.
If set to no-referrer is the default, no information about the referring URL is sent. If set to no-referrer-when-downgrade, the referring URL is sent when navigating from HTTPS to HTTP. If set to same-origin, the referring URL is only sent when it is from the same origin as the requested resource. If set to strict-origin-when-cross-origin, the referring URL is sent when the requesting page and the requested resource are from the same origin, or when navigating from an HTTPS page to an HTTP resource on the same origin.