search

jimmywarting / StreamSaver.js

StreamSaver writes stream to the filesystem directly asynchronous
https://jimmywarting.github.io/StreamSaver.js/example.html
MIT License
3.95k stars 413 forks source link

Issue Specify a Cross-Origin Embedder Policy to prevent this frame from being blocked #313

Open de2nvdanh opened 1 year ago

de2nvdanh commented 1 year ago

My webstie has the Cross-Origin Embedder Policy (COEP) enable, so it block iframe. i can' using streamsaver. is there any way to solve this problem?

jimmywarting commented 1 year ago

I would recommend trying out https://github.com/jimmywarting/native-file-system-adapter it have a self hosting service worker solution that don't involve iframes and 3rd party iframes

goncalomb commented 10 months ago

On my project (https://webscan.goncalomb.com/) that uses SharedArrayBuffer / COEP, I'm using a document.createElement proxy to add the credentialless attribute that allows the iframe to load. I've opened a pull request, #329. Meanwhile you can use this snippet (it affects all iframes created with document.createElement):

const documentCE = document.createElement;
document.createElement = (...args: Parameters<Document['createElement']>) => {
  const el = documentCE.apply(document, args);
  if (args[0] === 'iframe') {
    el.setAttribute('credentialless', '');
  }
  return el;
};

https://developer.chrome.com/blog/iframe-credentialless/

https://developer.mozilla.org/en-US/docs/Web/Security/IFrame_credentialless