-
Notifications
You must be signed in to change notification settings - Fork 0
/
constants.ts
28 lines (24 loc) · 1.5 KB
/
constants.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
// Copyright 2023-latest the httpland authors. All rights reserved. MIT license.
// This module is browser compatible.
/** Cross-origin embedder policy value.
* @see [embedder policy value](https://html.spec.whatwg.org/multipage/browsers.html#embedder-policy-value)
*/
export enum EmbedderPolicyValue {
/** Cross-origin resources can be fetched without giving explicit permission through the [CORS protocol](https://fetch.spec.whatwg.org/#http-cors-protocol) or the [`Cross-Origin-Resource-Policy`](https://fetch.spec.whatwg.org/#http-cross-origin-resource-policy) header.
* @see ["unsafe-none"](https://html.spec.whatwg.org/multipage/browsers.html#coep-unsafe-none)
*/
UnsafeNone = "unsafe-none",
/** Fetching cross-origin resources requires the server's explicit permission through the [CORS protocol](https://fetch.spec.whatwg.org/#http-cors-protocol) or the [`Cross-Origin-Resource-Policy`](https://fetch.spec.whatwg.org/#http-cross-origin-resource-policy) header.
* @see ["require-corp"](https://html.spec.whatwg.org/multipage/browsers.html#coep-require-corp)
*/
RequireCorp = "require-corp",
/** Fetching cross-origin no-CORS resources omits credentials.
* @see ["credentialless"](https://html.spec.whatwg.org/multipage/browsers.html#coep-credentialless)
*/
Credentialless = "credentialless",
}
export const enum PolicyHeader {
CrossOriginEmbedderPolicy = "cross-origin-embedder-policy",
CrossOriginEmbedderPolicyReportOnly =
`${PolicyHeader.CrossOriginEmbedderPolicy}-report-only`,
}