Cross-origin isolation enables a web page to use powerful features such as
SharedArrayBuffer
. An extension can opt into cross-origin isolation by
specifying the appropriate values for the cross_origin_embedder_policy
and
cross_origin_opener_policy
manifest keys. For example, a manifest like the one below
will opt the extension's origin into cross-origin isolation.
{
"name": "CrossOriginIsolation example",
"manifest_version": 2,
"version": "1.1",
"cross_origin_embedder_policy": {
"value": "require-corp"
},
"cross_origin_opener_policy": {
"value": "same-origin"
},
...
}
Opting into cross-origin isolation allows the extension to use powerful APIs like SharedArrayBuffers in its cross-origin isolated contexts. However, it does also come with certain side-effects. See Making your website "cross-origin isolated" using COOP and COEP for more information on this.