search

opencv / opencv

Open Source Computer Vision Library
https://opencv.org
Apache License 2.0
75.7k stars 55.61k forks source link

Add CORP header to opencv.js #25425

Open jrtcppv opened 2 weeks ago

jrtcppv commented 2 weeks ago

Describe the feature and motivation

Currently resources with COEP require-corp that attempt to load https://docs.opencv.org/4.x/opencv.js cannot load it because it lacks a CORP header. Can you add the Cross-Origin-Resource-Policy: cross-origin header to the resource (and other versions)?

Additional context

No response

opencv-alalek commented 2 weeks ago

This file is a part of OpenCV JS tutorials. Only reduced subset of functions is provided here (size vs functionality compromise). Due to this there is no official OpenCV JS release. We don't recommend to use that file directly in your projects. At least from these URLs.

Could you point on some sample web project where we could test that? (or jsfiddle/alternatives)

jrtcppv commented 2 weeks ago

I just set up an example at https://jon.tator.dev. The document is loaded with cross origin isolation (COEP is require-corp, COOP is same-origin. The document only includes the following <script> elements:

<script src="https://docs.opencv.org/4.x/opencv.js" crossorigin></script>
<script src="https://docs.opencv.org/4.x/opencv.js"></script>
<script src="https://cdn.jsdelivr.net/npm/jquery@3.6.4/dist/jquery.min.js" crossorigin></script>
<script src="https://cdn.jsdelivr.net/npm/jquery@3.6.4/dist/jquery.min.js"></script>

The first with crossorigin fails because Access-Control-Allow-Origin is not set. The second without crossorigin fails because Cross-Origin-Resource-Policy is not set. Ideally both of the first two scripts would load successfully.

The other two scripts are examples of resources that load; both of these headers are set for that resource.