Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Support Cross-Origin-Opener-Policy and Cross-Origin-Embedder-Policy on dev server

See original GitHub issue

Clear and concise description of the problem

Cross-Origin-Opener-Policy and Cross-Origin-Embedder-Policy headers are necessary to support SharedArrayBuffer, as is explained in this article.

But so far, on Vite.js website and docs, there is no description of that, which would be a pain.

Here (https://vitejs.dev/config/#server-https) in docs, no examples are given.

server.https
Type: boolean | https.ServerOptions

Enable TLS + HTTP/2. Note this downgrades to TLS only when the server.proxy option is also used.

The value can also be an options object passed to https.createServer().

Usually in node.js it is set like this:

response.writeHead(200, { "Content-Type": mimeType ,
  "Cross-Origin-Opener-Policy": "same-origin",
  "Cross-Origin-Embedder-Policy": "require-corp" });

But it seems that in vite there is no way to do it?

Issue Analytics

  • State:closed
  • Created 2 years ago
  • Reactions:9
  • Comments:9 (1 by maintainers)

github_iconTop GitHub Comments

18reactions
chaosprintcommented, Jun 23, 2021

Well, I build this plugin. It works for my purpose but may require further testing. https://github.com/chaosprint/vite-plugin-cross-origin-isolation

12reactions
ssc-hrep3commented, Sep 17, 2021

To add custom headers, you can add the following snippet inline to the vite.config.ts file. The code is based on the plugin of @chaosprint. Thank you for that!

import { defineConfig } from 'vite';

export default defineConfig({
  plugins: [
    {
      name: 'configure-response-headers',
      configureServer: server => {
        server.middlewares.use((_req, res, next) => {
          res.setHeader('Test-Header', 'A random value');
          next();
        });
      }
    }
  ]
});
Read more comments on GitHub >

github_iconTop Results From Across the Web

Cross-Origin-Opener-Policy - HTTP - MDN Web Docs
The HTTP Cross-Origin-Opener-Policy (COOP) response header allows you to ensure a top-level document does not share a browsing context group ...
Read more >
A guide to enable cross-origin isolation - web.dev
This guide shows you how to enable cross-origin isolation. Cross-origin isolation is required if you want to use SharedArrayBuffer ...
Read more >
Enabling COOP/COEP without touching the server
The main one is that the Cross-Origin-Embedder-Policy header makes ... First, we register our service worker in a Javascript file that gets ...
Read more >
node.js - Setting Cross-origin-Embedder-Policy and Cross ...
So I read that I need to set those headers ̀ Cross-Origin-Opener-Policy: same-origin Cross-Origin-Embedder-Policy: require-corp.
Read more >
Cross-Browser support with Cross-Origin isolation
Cross -Origin-Opener-Policy: same-origin. Cross-Origin-Embedder-Policy: require-corp. If done correctly, you can check if your page is ...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Pre-bundled dependencies doesn't dedupe imports in external files

Next page

`vite build` ignores `optimizeDeps.include`