crossOriginEmbedderPolicy function

Middleware crossOriginEmbedderPolicy({
  1. CrossOriginEmbedderPolicyOptions policy = CrossOriginEmbedderPolicyOptions.requireCorp,
})

Sets the Cross-Origin-Embedder-Policy header to require-corp. See MDN's article on this header for more. Example:

import 'package:shelf_helmet/shelf_helmet.dart'

// Sets Cross-Origin-Embedder-Policy: require-corp
.addMiddleware(crossOriginEmbedderPolicy());

// Sets "Cross-Origin-Embedder-Policy: credentialless"
.addMiddleware(crossOriginEmbedderPolicy(
  policy: CrossOriginEmbedderPolicyOptions.credentialLess
));

Implementation

Middleware crossOriginEmbedderPolicy({
  CrossOriginEmbedderPolicyOptions policy =
      CrossOriginEmbedderPolicyOptions.requireCorp,
}) {
  return (innerHandler) {
    return (request) async {
      final response = await innerHandler(request);
      return response.change(
        headers: {
          'cross-origin-embedder-policy': policy.option,
          ...response.headersAll,
        },
      );
    };
  };
}