W3cubDocs

/Support Tables

Cross-Origin Resource Sharing

Method of performing XMLHttpRequests across domains

Spec https://fetch.spec.whatwg.org/#http-cors-protocol
Status WHATWG Living Standard
IE Edge Firefox Chrome Safari Opera
      73    
    65 (4) 72    
    64 (4) 71 TP (3)  
11 18 63 (4) 70 12 (3) 56
10 (1) 17 62 (4) 69 11.1 (3) 55
9 (2) 16 61 (4) 68 11 (3) 54
8 (2) 15 60 67 10.1 (3) 53
Show all
7 14 59 66 10 (3) 52
6 13 58 65 9.1 (3) 51
5.5 12 57 64 9 (3) 50
    56 63 8 (3) 49
    55 62 7.1 (3) 48
    54 61 7 (3) 47
    53 60 6.1 (3) 46
    52 59 6 (3) 45
    51 58 5.1 (1,3) 44
    50 57 5 (1,3) 43
    49 56 4 (1,3) 42
    48 55 3.2 41
    47 54 3.1 40
    46 53   39
    45 52   38
    44 51   37
    43 50   36
    42 49   35
    41 48   34
    40 47   33
    39 46   32
    38 45   31
    37 44   30
    36 43   29
    35 42   28
    34 41   27
    33 40   26
    32 39   25
    31 38   24
    30 37   23
    29 36   22
    28 35   21
    27 34   20
    26 33   19
    25 32   18
    24 31   17
    23 30   16
    22 29   15
    21 28   12.1
    20 27   12
    19 26   11.6
    18 25   11.5
    17 24   11.1
    16 23   11
    15 22   10.6
    14 21   10.5
    13 20   10.0-10.1
    12 19   9.5-9.6
    11 18   9
    10 17    
    9 16    
    8 15    
    7 14    
    6 13    
    5 12 (1)    
    4 11 (1)    
    3.6 10 (1)    
    3.5 9 (1)    
    3 8 (1)    
    2 7 (1)    
      6 (1)    
      5 (1)    
      4 (1)    
iOS Safari Opera Mini Android Browser Blackberry Browser Opera Mobile Android Chrome Android Firefox IE Mobile Android UC Browser Samsung Internet QQ Browser Baidu Browser
12 (3) all 67 10 46 70 63 11 11.8 7.2 1.2 7.12
11.3-11.4 (3)   4.4.3-4.4.4 7 (1) 12.1     10 (1)   6.2    
11.0-11.2 (3)   4.4   12         5    
10.3 (3)   4.2-4.3 (1)   11.5         4    
Show all
10.0-10.2 (3)   4.1 (1)   11.1              
9.3 (3)   4 (1)   11              
9.0-9.2 (3)   3 (1)   10              
8.1-8.4 (3)   2.3 (1)                  
8 (3)   2.2 (1)                  
7.0-7.1 (3)   2.1 (1)                  
6.0-6.1 (3)                      
5.0-5.1 (1,3)                      
4.2-4.3 (1,3)                      
4.0-4.1 (1,3)                      
3.2 (1,3)                      

Notes

  1. Does not support CORS for images in <canvas>

  2. Supported somewhat in IE8 and IE9 using the XDomainRequest object (but has limitations)

  3. Does not support CORS for <video> in <canvas>: https://bugs.webkit.org/show_bug.cgi?id=135379

  4. Does not support CORS for resources which redirect: https://bugzilla.mozilla.org/show_bug.cgi?id=1346749

Bugs

  • IE10+ does not send cookies when withCredential=true (IE Bug #759587). A workaround is to use a P3P policy

  • IE10+ does not make a CORS request if port is the only difference (IE Bug #781303)

  • Android and some old versions of WebKit (that may be found in various webview implementations) do not support Access-Control-Expose-Headers: https://code.google.com/p/android/issues/detail?id=56726

  • IE11 does not appear to support CORS for images in the canvas element

Resources

Data by caniuse.com
Licensed under the Creative Commons Attribution License v4.0.
http://caniuse.com/#feat=cors