-
Notifications
You must be signed in to change notification settings - Fork 431
Enabling Atomics
Partytown will use Atomics when they're enabled by the browser.
To enable Atomics communication, the browser's crossOriginIsolated readonly property must be true
.
To enable crossOriginIsolated, the document must have these response headers set:
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
- Cross-Origin-Embedder-Policy (COEP) response header prevents a document from loading any cross-origin resources that don't explicitly grant the document permission.
- Cross-Origin-Opener-Policy (COOP) response header allows you to ensure a top-level document does not share a browsing context group with cross-origin documents.
The biggest thing to highlight is that the Cross-Origin-Embedder-Policy: require-corp
does not allow images, scripts, videos, etc. to be loaded from another origin. For example, when this header is set, any scripts or images to a CDN will no longer work.
However, the crossorigin attribute can be used on individual elements, such as <audio>
, <img>
, <link>
, <script>
, and <video>
, which allows there requests to go through again and not be blocked.
Below is an example of adding the crossorigin
attribute to an image:
<img src="https://c.tenor.com/8wBCqZH60U8AAAAC/computer-cat.gif" crossorigin />