Add Cross-Origin-Resource-Policy
security header
#10118
Labels
Milestone
Cross-Origin-Resource-Policy
security header
#10118
Related #9385
Expected Behavior
Allow to add
Cross-Origin-Resource-Policy
header via dsl and xml.https://developer.mozilla.org/en-US/docs/Web/HTTP/Cross-Origin_Resource_Policy_(CORP)
Current Behavior
Currently those headers can only be provided via custom headers.
Context
When
Cross-Origin-Embedder-Policy
is set torequire-corp
, and if a cross origin resource supports CORS, thecrossorigin
attribute or theCross-Origin-Resource-Policy
header must be used to load it without being blocked by COEP.So when adding the support for
Cross-Origin-Embedder-Policy
we should also add support forCross-Origin-Resource-Policy
via dsl and xml.The text was updated successfully, but these errors were encountered: