Cross-Origin-Resource-Policy HTTP response header

Cross-Origin-Resource-Policy

HTTP response header

Cross-Origin-Resource-Policy response header information and usage statistics.


Websites using header Cross-Origin-Resource-Policy	23,479
Percentage of websites that use Cross-Origin-Resource-Policy header	<0.1%
Total discovered header values	39
Header uses directives	Yes
Header values are unique or random	No
Most popular in the country	United States of America

Cross-Origin-Resource-Policy directives value information and usage statistics

Directive	Share	Websites count	Unique Values
cross-origin	81.01%	19,021	1
same-origin	10.26%	2,409	1
same-site	8.08%	1,897	1

Cross-Origin-Resource-Policy detection in the top websites by popularity

List of websites that use Cross-Origin-Resource-Policy header

Domain	Country	Rank
www.youtube.com	United States of America	6
maxcdn.bootstrapcdn.com	United States of America	26
google-analytics.com	United States of America	38
cdn.jsdelivr.net	United States of America	42
www.blogger.com	United States of America	44
play.google.com	United States of America	47

See full domain list
Flat price per the report, subscription is not required.

Header usage distribution by websites across the globe.

List of top common Cross-Origin-Resource-Policy header values

Header value	Value prevalence
cross-origin	80.89%
same-origin	10.15%
same-site	7.99%
(same-site\|same-origin\|cross-origin)	0.17%
unsafe-none	0.15%
Same	0.09%
cross-origin;	0.08%
cross-site	0.06%
same-origin;	0.05%
SAMEORIGIN	0.04%
*	0.04%
same-site; report-to="default"	0.03%
corp.response.header.value	0.03%
: (same-site\|same-origin\|cross-origin)	0.02%
same-site \| same-origin \| cross-origin	0.02%
(same-site)	0.02%
same-site, same-origin	0.02%
same-site, cross-origin	0.02%
(same-origin)	0.01%
(unsafe-none\|require-corp); report-to='default'	0.01%