[
https://issues.apache.org/jira/browse/WICKET-6805?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Santiago Diaz updated WICKET-6805:
----------------------------------
Summary: Add Cross-Origin Opener Policy and Cross-Origin Embedder Policy
support (was: Add Cross-Origin Opener Policy Support)
> Add Cross-Origin Opener Policy and Cross-Origin Embedder Policy support
> -----------------------------------------------------------------------
>
> Key: WICKET-6805
> URL: https://issues.apache.org/jira/browse/WICKET-6805
> Project: Wicket
> Issue Type: New Feature
> Components: wicket-core
> Reporter: Santiago Diaz
> Priority: Major
>
> We would like to add support in Wicket for Cross-Origin Opener Policy.
> COOP is a security mitigation that lets developers isolate their resources
> against side-channel attacks and information leaks. COOP is now supported by
> all major browsers.
> A COOP request cycle listener will be implemented to add COOP headers to HTTP
> responses, allowing developers to configure COOP to use {{unsafe-none}},
> {{same-site}} or {{same-origin}}. Finally, developers will be able to disable
> COOP entirely for a set of exempted paths that are intended to be used
> cross-site.
>
> References:
> [https://web.dev/why-coop-coep/]
> [https://web.dev/coop-coep/]
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
