Cross-Origin-Resource-Policy

HTTP response header

Header usage statistics

Cross-Origin-Resource-Policy response header information and usage statistics.

Websites using header Cross-Origin-Resource-Policy 23,479
Percentage of websites that use Cross-Origin-Resource-Policy header <0.1%
Total discovered header values 39
Header uses directives Yes
Header values are unique or random No
Most popular in the country United States of America

Cross-Origin-Resource-Policy Directives (3 total)

  • cross-origin
  • same-origin
  • same-site

Cross-Origin-Resource-Policy Directives

Cross-Origin-Resource-Policy directives value information and usage statistics

Directive Share Websites count Unique Values
cross-origin 81.01% 19,021 1
same-origin 10.26% 2,409 1
same-site 8.08% 1,897 1

Distribution by websites popularity

Cross-Origin-Resource-Policy detection in the top websites by popularity

Top 10k sites 103 websites
Top 100k sites 597 websites
Top 1m sites 1,416 websites

Websites utilizing Cross-Origin-Resource-Policy

List of websites that use Cross-Origin-Resource-Policy header

Domain Country Rank Contacts
www.youtube.com United States of America 6
maxcdn.bootstrapcdn.com United States of America 26
google-analytics.com United States of America 38
cdn.jsdelivr.net United States of America 42
www.blogger.com United States of America 44
play.google.com United States of America 47
See full domain list
Flat price per the report, subscription is not required.

Geographical Distribution

Header usage distribution by websites across the globe.






Common header values

List of top common Cross-Origin-Resource-Policy header values

Header value Value prevalence
cross-origin 80.89%
same-origin 10.15%
same-site 7.99%
(same-site|same-origin|cross-origin) 0.17%
unsafe-none 0.15%
Same 0.09%
cross-origin; 0.08%
cross-site 0.06%
same-origin; 0.05%
SAMEORIGIN 0.04%
* 0.04%
same-site; report-to="default" 0.03%
corp.response.header.value 0.03%
: (same-site|same-origin|cross-origin) 0.02%
same-site | same-origin | cross-origin 0.02%
(same-site) 0.02%
same-site, same-origin 0.02%
same-site, cross-origin 0.02%
(same-origin) 0.01%
(unsafe-none|require-corp); report-to='default' 0.01%