Enable COEP and COOP Response headers

I have workers that need access to the Shared Array buffer, to do this I learned I need to set these response headers
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
On the top level response
Cross-Origin-Embedder-Policy: require-corp
On my included JS files

I thought I did this in my .htaccess file however I still get errors when trying ti initialize an Shared Array Buffer.
My .htaccess looks like

Header set Access-Control-Allow-Origin “same-origin”
Header set Cross-Origin-Embedder-Policy “require-corp”

<FilesMatch “.(js)$”>
Header set Cross-Origin-Embedder-Policy “require-corp”

When I get the webpages I check the response headers and the customer headers are set yet Shared Array Buffer still can not be initliazedz
Please advise

Have you tried bypassing Cloudflare and see if they are actually there (or doing a local host query from the server)?

Whether cloud flare is enabled or not the response headers return with the header key and value pairs I specified in the .htaccess file (this was determined by using postman, doing a get to the url and checking the response headers)
However it somehow is not working as my console still reports
SharedArrayBuffer usage is restricted to cross-origin isolated sites

If the header is returned then the issue is with something else, not related to Cloudflare. I feel this is not the best place to ask that…

1 Like

Thats what I thought as well, however my server provider said that this was a cloud flare issue
I don’t understand why setting a couple of headers has been this complex of a process

If the headers are returned as set on the server when on Cloudflare, the issue is by definition not coming from Cloudflare.

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.