[FR] Allow crossorigin="anonymous" on amp scripts in validator #24731
Description
Hey all,
currently, we are using a ServiceWorker to cache the amp scripts. We are not using the amp-sw script, as we have some complex cache purging strategies (like purging the cache, when the user visit certain URLs, or after a timeout). Instead we use our own ServiceWorker that uses Workbox.
Eventually, we found out that due to opaque responses our cache limit exceeded:
Feature Request
The usual workaround for this is to set crossorigin="anonymous", to make a cors request. But setting this attribute is disallowed by the amp validator. So, here is the feature request: Would it be possible to allow that? IMHO this won't make it worse..
This could be the recommended way of including amp scripts, so that folks that want to implement their own ServiceWorker (like us) wouldn't trip over that error (which is not obvious).
Question
We couldn't find out why this does not happen on amp.dev. Could someone enlighten us?
Workaround
We've managed to intercept the request, set the appropriate headers and cache that response. That works so far, but the feature request would be the much cleaner solution.
// Serve the AMP Runtime from cache and check for an updated version in the background
workbox.routing.registerRoute(
/^https:\/\/cdn\.ampproject\.org\/.*/,
new workbox.strategies.StaleWhileRevalidate({
cacheName: ampCache,
plugins: [
{
requestWillFetch: async ({request}) => {
// Return `request` or a different Request
return new Request(request.url, {
method: request.method,
headers: request.headers,
mode: 'cors',
credentials: 'same-origin',
redirect: 'manual'
});
}
}
]
})
)// cc @uasd7