Cross Origin Isolation Guidance

Zoom Dev team, this Cross Origin Isolation business is all very foreign to my team. I went so far as to try and follow the guidance of adding the requisite headers to our NGINX configuration and registering our domain for SharedArrayBuffers origintrials:

add_header ‘cross-origin-resource-policy’ ‘*’;
add_header ‘Cross-Origin-Embedder-Policy’ ‘require-corp’;
add_header ‘Cross-Origin-Opener-Policy’ ‘same-origin’;

But that seems to break a lot of diverse features of our application, even something as simple as Google Login. We get a variety of failures in the devtools console like this as an example:

GET net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep

Is there some way we can get more hands-on support for making Zoom work in our application without breaking the rest of our application, or for helping us make the rest of our application continue to work given these new constraints? Please advise.

Hey @victor.aprea

Thanks for your feedback.

You can apply an origin trial first, Chrome team is still working on the new policy for SharedArrayBuffer.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.