Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Typeform not loading because of cross-origin isolation.
See original GitHub issueDescription
In a ReactJS application, I’m using a library that requires cross-origin isolation in order to use the SharedArrayBuffer feature. These are the headers I need to add:
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
The problem
The embedded Typeform is not loading anymore:
This is the error from the network activity tab in developer tools related to the Typeform resource:
To use this resource from a different origin, the server needs to specify a cross-origin resource policy in the response headers:
Cross-Origin-Resource-Policy: same-siteChoose this option if the resource and the document are served from the same site.Cross-Origin-Resource-Policy: cross-originOnly choose this option if an arbitrary website including this resource does not impose a security risk.
Issue Analytics
- State:
- Created 2 years ago
- Reactions:1
- Comments:8 (1 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
The change was approved by security, I will update you here when we add the header.
Hi @jeton-th, we’re going to close out this issue for the time being.
As you know, we’ve spoken internally about solving this and whilst we’ve tried to make headway, the solution is more complex than we’d initially thought.
We appreciate it’s something that would improve your implementation of an embed and we’ve logged the feedback so that we can continue to assess how to prioritize an improvement.