Related #9385
Expected Behavior
Allow to add Cross-Origin-Resource-Policy header via dsl and xml.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Cross-Origin_Resource_Policy_(CORP)
Current Behavior
Currently those headers can only be provided via custom headers.
Context
When Cross-Origin-Embedder-Policy is set to require-corp, and if a cross origin resource supports CORS, the crossorigin attribute or the Cross-Origin-Resource-Policy header must be used to load it without being blocked by COEP.
So when adding the support for Cross-Origin-Embedder-Policy we should also add support for Cross-Origin-Resource-Policy via dsl and xml.
Related #9385
Expected Behavior
Allow to add
Cross-Origin-Resource-Policyheader via dsl and xml.https://developer.mozilla.org/en-US/docs/Web/HTTP/Cross-Origin_Resource_Policy_(CORP)
Current Behavior
Currently those headers can only be provided via custom headers.
Context
When
Cross-Origin-Embedder-Policyis set torequire-corp, and if a cross origin resource supports CORS, thecrossoriginattribute or theCross-Origin-Resource-Policyheader must be used to load it without being blocked by COEP.So when adding the support for
Cross-Origin-Embedder-Policywe should also add support forCross-Origin-Resource-Policyvia dsl and xml.