search

WICG / isolated-web-apps

Repository for explainers and other documents related to the Isolated Web Apps proposal.
Other
173 stars 12 forks source link

Switch to COEP: credentialless #30

Open cmfcmf opened 5 months ago

cmfcmf commented 5 months ago

I wonder whether we could switch to Cross-Origin-Embedder-Policy: credentialless (currently we set Cross-Origin-Embedder-Policy: require-corp). This would allow IWA developers to send no-cors requests. Currently, they cannot send no-cors requests at all.

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Embedder-Policy