Cross-Origin-Resource-Policy

HTTP response header

Header usage statistics

Cross-Origin-Resource-Policy response header information and usage statistics.

Websites using header Cross-Origin-Resource-Policy52,906
Percentage of websites that use Cross-Origin-Resource-Policy header<0.1%
Total discovered header values58
Header uses directivesYes
Header values are unique or randomNo
Most popular in the country US

Cross-Origin-Resource-Policy directives (3 total)

  • cross-origin
  • same-origin
  • same-site

Cross-Origin-Resource-Policy Directives

Cross-Origin-Resource-Policy directives value information and usage statistics

DirectiveShareWebsites countUnique Values
cross-origin82.42%43,6031
same-origin11.72%6,2021
same-site5.38%2,8461

Distribution by websites popularity

Cross-Origin-Resource-Policy detection in the top websites by popularity

Top 10k sites303 websites
Top 100k sites1,030 websites
Top 1m sites3,021 websites

Websites utilizing Cross-Origin-Resource-Policy

List of websites that use Cross-Origin-Resource-Policy header

DomainCountryRankContacts
ajax.googleapis.com US13
www.workplace.com US15
fonts.gstatic.com US18
maps.googleapis.com US22
maxcdn.bootstrapcdn.com US26
apis.google.com US29
See full domain list
Flat price per the report, subscription is not required.

Geographical Distribution

Header usage distribution by websites across the globe.






Common header values

List of top common Cross-Origin-Resource-Policy header values

Header valueValue prevalence
cross-origin82.30%
same-origin11.42%
same-site5.29%
same-origin;0.22%
(same-site|same-origin|cross-origin)0.11%
cross-origin;0.08%
unsafe-none0.08%
rollout0.06%
*0.05%
Same0.04%
(same-site)0.04%
same-site; report-to="default"0.03%
cross-site0.02%
same-origin; report-to="CrossOrigin-Endpoint"0.02%
SAMEORIGIN0.02%
same-origin; report-to="default"0.02%
same-site;0.01%
same-site, same-origin0.01%
(same-origin)0.01%
: same-origin0.01%