You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Just clarifying, does Document-Isolation-Policy: isolated-and-require-corp require a cross-origin iframe to have a CORP header to be loaded?
Exactly like in the app with cross-origin popup case, the app can deploy a Document-Isolation-Policy of isolated-and-credentialless or isolated-and-require-corp on its documents. If the platform can support the isolation, it will get access to COI gated APIs. In any case, there are no particular restrictions on embedding cross-origin iframes.
The text was updated successfully, but these errors were encountered:
Just clarifying, does
Document-Isolation-Policy: isolated-and-require-corp
require a cross-origin iframe to have a CORP header to be loaded?The text was updated successfully, but these errors were encountered: