I’d like to create a demo using @sqlite.org/sqlite-wasm - npm which requires the Cross-Origin-Opener-Policy and Cross-Origin-Embedder-Policy headers to be set. Is there anyway to configure these for a static Glitch site?
1 Like
Hi and welcome, @lrowe! Unfortunately, this isn’t possible for a static site, although I believe Glitch has a default CORS policy for some kind of files, and you can implement some kind of system to prevent <iframe>s
Unfortunately due to security concerns a number of advanced browser features are now gated behind the top level document being served with appropriate headers to opt into cross origin isolation. For example see: SharedArrayBuffer - JavaScript | MDN
It would be great if Glitch considered adding support for this so it can stay relevant for more advanced browser use cases.
Try out coi-serviceworker - npm - it uses a service worker to alter the headers of each request (which is somehow allowed by the spec 
)
Thanks. That’s probably the best option. Unfortunately I’ve found service workers in Chrome to be unreliable after a hard reload. 1446885 - chromium - An open-source project to help move the web forward. - Monorail
oh wow that’s bizarre behaviour indeed
Yea, I think that’s intended for service workers, I would be all for this feature as well, a certain wasm rebuild of a game I have runs a bit better when sharedarraybuffer can be utilized for “threads”, but it’s quite annoying with the header requirement.