Skip to content

Commit

Permalink
Add Cross-Origin-Embedder-Policy to Match (CO-2720)
Browse files Browse the repository at this point in the history
  • Loading branch information
arlen committed Jun 25, 2025
1 parent 11f0a76 commit 073775c
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion app/templates/element/httpHeaders.php
Original file line number Diff line number Diff line change
Expand Up @@ -29,11 +29,12 @@
header("Expires: Thursday, 10-Jan-69 00:00:00 GMT");
header("Cache-Control: no-store, no-cache, max-age=0, must-revalidate");
header("Pragma: no-cache");

header("Content-Security-Policy: object-src 'none'; base-uri 'none'; frame-ancestors 'self'");
header("X-Content-Type-Options: nosniff");
header("Permissions-Policy: accelerometer=(),autoplay=(),camera=(),cross-origin-isolated=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),keyboard-map=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),web-share=(),xr-spatial-tracking=(),gamepad=(),hid=(),idle-detection=(),interest-cohort=(),serial=()");
header("Cross-Origin-Opener-Policy: same-origin");
header("Cross-Origin-Embedder-Policy: require-corp");
header("X-Permitted-Cross-Domain-Policies: none");

// Add X-UA-Compatible header for IE
Expand Down

0 comments on commit 073775c

Please sign in to comment.