Cross-Origin Resources

The Request Metrics agent gathers timing metrics for each resource you site loads (For example: JavaScript, Stylesheets and Image files). By default, browsers to not expose timings for resources loaded from domains other than the domain the webpage is hosted on. These are referred to as “cross-origin” resources.

Resource timings provide context that can help solve performance problems and Request Metrics works best when they are available.

TIP: When possible, we recommend adding Timing-Allow-Origin headers to all domains used by your website to load resources.

Add Header to HTTP Responses

The Timing-Allow-Origin header is returned in HTTP responses from a server hosting files for your website. It informs the browser whether the current site will have access to detailed resource timings. You’ll need to configure your server or service to return it. Its value can be a wildcard or a list of origins.

Timing-Allow-Origin With List of Origins

A list of site origins is used when you know exactly which sites will be requesting resources from the domain.

Timing-Allow-Origin: https://mysite.com, https://myothersite.com

Timing-Allow-Origin With Wildcard

A wildcard allows any site to view timing data for this resource. This is used on CDNs and shared assets where many different sites make requests to the same domain.

Timing-Allow-Origin: *