Fix client-side onerror handling no working due to missing crossorigin attribute for CDN scripts

[wentsul]

Couple things to note:

• This needs to be set for __webpack_public_path__ but not sure if it should always be set for "critical chunk" scripts.
• I this fork deployed for a production and I'm now seeing client-side errors. Previously I was seeing "Script error." line 0.
• More information on why here: https://blog.sentry.io/2016/05/17/what-is-script-error
• Would to keep the tests but wasn't sure how to update the tests to only check for critical scripts. Changing el.crossOrigin === 'anonymous' was failing so I'm assuming there are other scripts.

[rtsao]

The reason this crossorigin logic exists is because of:
webpack/webpack#6972 (comment)

So this test is verifying that when not using a CDN, no crossorigin attributes are set. I don't think we want to delete these tests. I think this test should remain unchanged.

Instead, there are tests that do use a CDN, and we should verify that crossorigin attributes are set. As you point out, these assertions would probably currently fail.

[wentsul]

added tests for CDN case if we want to go that route.

[rtsao]

Now I'm thinking that this condition might not be the correct thing to check against, since __webpack_public_path__ could be a CDN. Perhaps it should be url.startsWith("/"), but I suppose that doesn't handle the case where the absolute url is same-origin (although this case might not matter in practice).

[wentsul]

It looks like the legacy ssr template used webpackPublicPath.startsWith('http') which is similar to what you mentioned. What about checking forCDN_URL?

const crossoriginAttr = process.env.CDN_URL ? ' crossorigin="anonymous"' : '';