Partager via


CoreWebView2HostResourceAccessKind Enum

Definition

Kind of cross origin resource access allowed for host resources during download. Note that other normal access checks like same origin DOM access check and Content Security Policy still apply. The following table illustrates the host resource cross origin access according to access context and COREWEBVIEW2_HOST_RESOURCE_ACCESS_KIND.

        Cross Origin Access Context | DENY | ALLOW | DENY_CORS
        --- | --- | --- | ---
        From DOM like src of img, script or iframe element| Deny | Allow | Allow
        From Script like Fetch or XMLHttpRequest| Deny | Allow | Deny
public enum CoreWebView2HostResourceAccessKind
type CoreWebView2HostResourceAccessKind = 
Public Enum CoreWebView2HostResourceAccessKind
Inheritance
CoreWebView2HostResourceAccessKind

Fields

Name Value Description
Deny 0

All cross origin resource access is denied, including normal sub resource access as src of a script or image element.

Allow 1

All cross origin resource access is allowed, including accesses that are subject to Cross-Origin Resource Sharing(CORS) check. The behavior is similar to a web site sends back http header Access-Control-Allow-Origin: *.

DenyCors 2

Cross origin resource access is allowed for normal sub resource access like as src of a script or image element, while any access that subjects to CORS check will be denied. See Cross-Origin Resource Sharing for more information.

Remarks

Note that other normal access checks like same origin DOM access check and Content Security Policy still apply. The following table illustrates the host resource cross origin access according to access context and CoreWebView2HostResourceAccessKind.

Cross Origin Access ContextDenyAllowDenyCors
From DOM like src of img, script or iframe elementDenyAllowAllow
From Script like Fetch or XMLHttpRequestDenyAllowDeny

Applies to