-
Notifications
You must be signed in to change notification settings - Fork 57
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How to set crossOriginEmbedderPolicy to 'unsafe-none' for images only? #176
Comments
Hey, Check out this docs about COEP from Mozilla https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Embedder-Policy#avoiding_coep_blockage_with_cors |
Thank you! It seems I should simply add crossorigin to the img tag right? |
You should be able to just add the inheritAttrs to the component so that you can pass any custom prop to the component and then image. Having a crossorigin prop in the image is a good practise in general so I recommend to do that. |
I'm sorry I don't see how I could do this without altering the code of web3Modal? |
Ahh I see. I have no knowledge about this web3Modal package so not sure about how it was developed. You can try to pass the crossorigin attribute (some components and packages support that). If not, I think you would have to create similiar component on your own that will have this crossorigin attribute. Or you have to disable this rule. I am affraid that you have to choose one of the options above. |
Thanks for the explanation Baroshem and for the link to the other issue. I don't have control over the component, it is a modal that gets inserted into the dom at action of a button: (/plugins/web3Connection.js)
and I use it in app.vue like so:
So not sure how I could in this instance pass the crossorign attribute? |
There is no way to do that. I thought that it contains some component that you are using directly in your Nuxt app. But this is just a plugin as you descibed. At this point, I cant help you as I have no knowledge about this plugin. You have to wait for the plugin author to add a support for crossorigin. If you dont mind, I will close this issue as the solution from the NuxtSecurity has been provided and there is nothing more to be done IMO on the module side. If you will have any other questions in the future, please use the discussions tab instead of the bug issue. It is easier to navigate for me :) |
Thank you. I guess you are right. |
My nuxt 3 app needs to load a wasm file and for this it is necessary to set my crossOriginEmbedderPolicy to 'require-corp'. However, when doing that all the images that are coming from external websites are blocked as well. How can I set the crossOriginEmbedderPolicy to unsafe-none for images only?
Thank you
The text was updated successfully, but these errors were encountered: