Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Cross-Origin-Opener-Policy

See original GitHub issue

We should implement Cross-Origin-Opener-Policy.

~We should pay attention to the Cross-Origin-Window-Policy header added in Safari 12.~

Because there’s no spec yet, we shouldn’t add this to Helmet yet. It could change quite a lot!

Issue Analytics

State:
Created 5 years ago
Comments:8 (3 by maintainers)

Top GitHub Comments

1reaction

Malvozcommented, Apr 8, 2020

@EvanHahn I’ve updated https://github.com/helmetjs/helmet/issues/177#issuecomment-483816720 with some links that might be helpful.

1reaction

Malvozcommented, Jan 23, 2020

Chrome status: https://chromestatus.com/feature/5432089535053824

Top Results From Across the Web

Cross-Origin-Opener-Policy - HTTP - MDN Web Docs

The HTTP Cross-Origin-Opener-Policy (COOP) response header allows you to ensure a top-level document does not share a browsing context group ...

Cross-Origin-Opener-Policy | XS-Leaks Wiki

To prevent other websites from gaining arbitrary window references to a page, applications can deploy Cross-Origin-Opener-Policy (COOP). There ...

Making your website "cross-origin isolated" using COOP and ...

1. Set the Cross-Origin-Opener-Policy: same-origin header on the top-level document # ... By enabling COOP: same-origin on a top-level document, windows with the ......

Cross-Origin-Opener-Policy - Chrome Platform Status

The Cross-Origin-Opener-Policy response header provides a way for a document to request a new browsing context group to better isolate ...

Cross-Origin Opener Policy - Report URI Documentation

Cross-Origin Opener Policy. What is COOP? The Spectre attack changed our understanding of what site operators need to do in order to keep...