kleisauke
commented
2 months ago You can set the COEP header to credentialless to allow loading of cross-origin resources that are not served with CORS or with the Cross-Origin-Resource-Policy (CORP) header.
Cross-Origin-Embedder-Policy: credentiallessSee https://developer.chrome.com/blog/coep-credentialless-origin-trial/ for more information.
There's only one caveat; this is not supported in Safari.
Eptagone
Hi. I have the following situation. I'm working with an admin panel. Some images and scripts come from an external CDN. The main project is not a NodeJS app. I use Vite as a bundler for CSS and some scripts.
I want to use this library to crop images, generate webp and thumbnails on client side but when I add the required headers for cross-origin isolation, all the images and scripts from the CDN stop working. The same happen with my assets from my local Vite Dev Server.
I am currently still looking for a solution to this and I would be very grateful if you know of any strategies, tricks or anything you can share to solve this problem.