Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Issue Specify a Cross-Origin Embedder Policy to prevent this frame from being blocked #313

Open
de2nvdanh opened this issue Mar 22, 2023 · 2 comments · May be fixed by #329
Open

Issue Specify a Cross-Origin Embedder Policy to prevent this frame from being blocked #313

de2nvdanh opened this issue Mar 22, 2023 · 2 comments · May be fixed by #329

Comments

@de2nvdanh
Copy link

My webstie has the Cross-Origin Embedder Policy (COEP) enable, so it block iframe. i can' using streamsaver. is there any way to solve this problem?
@jimmywarting
Copy link
Owner

I would recommend trying out https://github.com/jimmywarting/native-file-system-adapter
it have a self hosting service worker solution that don't involve iframes and 3rd party iframes

@qkdreyer qkdreyer mentioned this issue May 6, 2023
Merged
@goncalomb goncalomb linked a pull request Sep 16, 2023 that will close this issue
Open
@goncalomb
Copy link

On my project (https://webscan.goncalomb.com/) that uses SharedArrayBuffer / COEP, I'm using a document.createElement proxy to add the credentialless attribute that allows the iframe to load. I've opened a pull request, #329. Meanwhile you can use this snippet (it affects all iframes created with document.createElement):

const documentCE = document.createElement;
document.createElement = (...args: Parameters<Document['createElement']>) => {
  const el = documentCE.apply(document, args);
  if (args[0] === 'iframe') {
    el.setAttribute('credentialless', '');
  }
  return el;
};

https://developer.chrome.com/blog/iframe-credentialless/

https://developer.mozilla.org/en-US/docs/Web/Security/IFrame_credentialless

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Set iframe as credentialless to support COEP environments goncalomb/StreamSaver.js
3 participants
@jimmywarting @goncalomb @de2nvdanh