Infrastructure/logto
0
Fork 0
mirror of https://github.com/logto-io/logto.git synced 2024-12-16 20:26:19 -05:00
Code Issues Activity

fix(core): remove the COOP policy (#5133)

Browse source 
remove the COOP policy
This commit is contained in:
simeng-li 2023-12-22 10:28:48 +08:00 committed by GitHub
parent b40bae9c5b
commit 9faa9841c5
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
packages/core/src/middleware/koa-security-headers.ts
View file

@ -56,6 +56,7 @@ export default function koaSecurityHeaders<StateT, ContextT, ResponseBodyT>(
const basicSecurityHeaderSettings: HelmetOptions = { const basicSecurityHeaderSettings: HelmetOptions = {
contentSecurityPolicy: false, // Exclusively set per app contentSecurityPolicy: false, // Exclusively set per app
crossOriginOpenerPolicy: false, // Allow cross origin opener, as some apps rely on popup window for the sign-in flow
crossOriginEmbedderPolicy: { policy: 'credentialless' }, crossOriginEmbedderPolicy: { policy: 'credentialless' },
dnsPrefetchControl: false, dnsPrefetchControl: false,
referrerPolicy: { referrerPolicy: {