Sub resource integrity (SRI) is a security feature that allows browsers to verify that files they grab (for example, from a CDN) are passed without unexpected operations. It works by allowing you to provide an encrypted hash / hash that the obtained file must match.

This enumeration property specifies whether CORS must be used when loading related pictures. Desirable values include the following two:
-Anonymous: a cross domain request will be initiated (i.e. including origin: HTTP header). However, no authentication information will be sent (that is, cookies, X.509 certificates and HTTP basic authentication information will not be sent). If the server does not give the origin certificate (access control allow origin: HTTP header is not set), this picture will be polluted and restricted.
-Use credentials: it will initiate a cross domain request with authentication information (sending cookies, X.509 certificates and HTTP basic authentication information) (i.e. including origin: HTTP header). If the server does not give the origin credentials (access control allow origin: HTTP header is not set), this picture will be contaminated and restricted. - when this property is not set, The resource will not be loaded by CORS (i.e. the origin: HTTP header will not be sent), which will prevent it from being used in the element. If an illegal value is set, anonymous is considered to be used

Chrome 45 or above, Firefox 43 or above, edge 17 or above, Safari 11 or above, opera 32 or above

Refer to official documents:https://www.w3.org/TR/SRI/