From 46daea1596f64ea1fc9ed0577f41f81e8fe4d92f Mon Sep 17 00:00:00 2001
From: Temirzhan Yussupov <timka2609@gmail.com>
Date: Mon, 25 May 2020 13:09:14 +0600
Subject: [PATCH] Details on cross-origin requests & credentials

Cross-origin requests initiated by embedded images and forms actually bring cookies by default. Though it is incorrect to say that all cross-origin requests do not bring credentials by default.
---
 5-network/05-fetch-crossorigin/article.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/5-network/05-fetch-crossorigin/article.md b/5-network/05-fetch-crossorigin/article.md
index 1394433d..36c57aed 100644
--- a/5-network/05-fetch-crossorigin/article.md
+++ b/5-network/05-fetch-crossorigin/article.md
@@ -309,7 +309,7 @@ JavaScript only gets the response to the main request or an error if there's no
 
 ## Credentials
 
-A cross-origin request by default does not bring any credentials (cookies or HTTP authentication).
+A cross-origin request initiated by JavaScript code by default does not bring any credentials (cookies or HTTP authentication).
 
 That's uncommon for HTTP-requests. Usually, a request to `http://site.com` is accompanied by all cookies from that domain. But cross-origin requests made by JavaScript methods are an exception.