Add note for credentialless

2025-01-03 08:22:55 -07:00
parent b52186dcaa
commit 819c0e6372
1 changed files with 2 additions and 0 deletions
--- a/etc/nginx/snippets/cross-origin-security.conf
+++ b/etc/nginx/snippets/cross-origin-security.conf
@@ -7,5 +7,7 @@ add_header Cross-Origin-Resource-Policy "same-origin" always;
 proxy_hide_header Cross-Origin-Opener-Policy;
 add_header Cross-Origin-Opener-Policy "same-origin" always;

+# Change COEP to "credentialless" when supported by Safari
+# https://developer.mozilla.org/en-US/docs/Web/API/Window/credentialless
 proxy_hide_header Cross-Origin-Embedder-Policy;
 add_header Cross-Origin-Embedder-Policy "require-corp" always;