Skip to content

Commit ea06bd2

Browse files
timmywiltimmywil
authored
codeorigin: add Cross-Origin-Resource-Policy header (#52)
Fixes gh-7 Fixes jquery/codeorigin.jquery.com#57
1 parent 9396ac2 commit ea06bd2

File tree

2 files changed

+13
-0
lines changed

2 files changed

+13
-0
lines changed

modules/profile/templates/codeorigin/site.nginx.erb

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -77,6 +77,12 @@ server {
7777
# responses during revalidation or downtime. Currently 1 year, and 7 days.
7878
add_header Cache-Control "public, max-age=31536000, stale-while-revalidate=604800";
7979
add_header Access-Control-Allow-Origin *;
80+
81+
# Allow users to opt in to Cross-Origin-Embedder-Policy
82+
# https://github.com/jquery/infrastructure-puppet/issues/7
83+
add_header Cross-Origin-Resource-Policy "cross-origin";
84+
85+
# Enable GZIP compression
8086
gzip on;
8187
gzip_comp_level 9;
8288
gzip_vary on;

test/CodeoriginTest.php

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -36,6 +36,7 @@
3636
'cache-control' => 'public, max-age=31536000, stale-while-revalidate=604800',
3737
'access-control-allow-origin' => '*',
3838
'accept-ranges' => 'bytes',
39+
'cross-origin-resource-policy' => 'cross-origin',
3940
] );
4041

4142
Unit::testHttp( $server, '/qunit/qunit-2.0.0.css', [], [
@@ -49,6 +50,7 @@
4950
'cache-control' => 'public, max-age=31536000, stale-while-revalidate=604800',
5051
'access-control-allow-origin' => '*',
5152
'accept-ranges' => 'bytes',
53+
'cross-origin-resource-policy' => 'cross-origin',
5254
] );
5355

5456
Unit::testHttp( $server, '/ui/1.10.0/themes/base/images/ui-icons_222222_256x240.png', [], [
@@ -61,6 +63,7 @@
6163
'cache-control' => 'public, max-age=31536000, stale-while-revalidate=604800',
6264
'access-control-allow-origin' => '*',
6365
'accept-ranges' => 'bytes',
66+
'cross-origin-resource-policy' => 'cross-origin',
6467
] );
6568

6669
Unit::testHttp( $server, '/jquery-2.0.0.min.map', [], [
@@ -73,6 +76,7 @@
7376
'cache-control' => 'public, max-age=31536000, stale-while-revalidate=604800',
7477
'access-control-allow-origin' => '*',
7578
'accept-ranges' => 'bytes',
79+
'cross-origin-resource-policy' => 'cross-origin',
7680
] );
7781

7882
// Static asset
@@ -90,6 +94,7 @@
9094
'cache-control' => 'public, max-age=31536000, stale-while-revalidate=604800',
9195
'access-control-allow-origin' => '*',
9296
'accept-ranges' => 'bytes',
97+
'cross-origin-resource-policy' => 'cross-origin',
9398
] );
9499

95100
// Gzip Compression
@@ -106,6 +111,7 @@
106111
'etag' => '"28feccc0-40464"',
107112
'cache-control' => 'public, max-age=31536000, stale-while-revalidate=604800',
108113
'access-control-allow-origin' => '*',
114+
'cross-origin-resource-policy' => 'cross-origin',
109115
] );
110116

111117
Unit::testHttp( $server, '/qunit/qunit-2.0.0.css', [
@@ -120,6 +126,7 @@
120126
'etag' => '"28feccc0-1d20"',
121127
'cache-control' => 'public, max-age=31536000, stale-while-revalidate=604800',
122128
'access-control-allow-origin' => '*',
129+
'cross-origin-resource-policy' => 'cross-origin',
123130
] );
124131

125132
// Renamed files

0 commit comments

Comments
 (0)