My project uses a link to the CDN unpkg to include the Three JS package.
Sometimes my website gives a SSAA error in the debug console (shown below) for the link to the CDN.
Access to script at 'https://unpkg.com/three@0.158.0/examples/jsm/postprocessing/SSAARenderPass.js' from origin 'https://metaalminimaal.be' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
I fixed this by adding crossorigin=‘anonymous’ to the script element.
you can’t rely on cdn’s, they fail, always will. unpkg has a problem (they did have issues recently/currently), your site is down. the hoster should be the only weak link and you often pay for it to have little to no down time.
npm create vite
# pick projectName
# pick javascript
cd projectName
npm install three
npm run dev
import * as THREE from 'three'
import { OrbitControls } from 'three/examples/jsm/controls/OrbitControls'
...
everything else can and will come to bite you. but not only that, with what you have above you ship megabytes of unused code and data for no reason since you lack minification and tree-shaking. that one file alone three.module.js is 1.2mb.
you would normally execute
npm run build
and now you can copy the contents of /dist on your server. this is a self reliant application that contains only the (minified) code you’re actually using.