firka/flutter
firka/flutter
5
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[web] Set COEP:credentialless on flutter run/drive. (#152413)

Browse Source 
This PR changes the value of the `COEP` response header from `require-corp` to `credentialless` in the Flutter tool, when running `flutter run`/`drive` for Web projects.

This enables running tests compiled to wasm, that access 3P resources (like Google Maps) without blocking those resources.

Docs:

* https://developer.chrome.com/blog/coep-credentialless-origin-trial#credentialless_to_the_rescue

## Issue

* https://github.com/flutter/flutter/issues/152411
This commit is contained in:
David Iglesias 2024-07-30 16:14:06 -07:00 committed by GitHub
parent 4778895036
commit 111b4fe6d1
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
packages/flutter_tools/lib/src/isolated/devfs_web.dart
View File

@ -1196,7 +1196,7 @@ class ReleaseAssetServer {
'Access-Control-Allow-Origin': '*', 'Access-Control-Allow-Origin': '*',
if (_needsCoopCoep && _fileSystem.path.extension(file.path) == '.html') ...<String, String>{ if (_needsCoopCoep && _fileSystem.path.extension(file.path) == '.html') ...<String, String>{
'Cross-Origin-Opener-Policy': 'same-origin', 'Cross-Origin-Opener-Policy': 'same-origin',
'Cross-Origin-Embedder-Policy': 'require-corp', 'Cross-Origin-Embedder-Policy': 'credentialless',
} }
}); });
} }
@ -1208,7 +1208,7 @@ class ReleaseAssetServer {
'Content-Type': 'text/html', 'Content-Type': 'text/html',
if (_needsCoopCoep) ...<String, String>{ if (_needsCoopCoep) ...<String, String>{
'Cross-Origin-Opener-Policy': 'same-origin', 'Cross-Origin-Opener-Policy': 'same-origin',
'Cross-Origin-Embedder-Policy': 'require-corp', 'Cross-Origin-Embedder-Policy': 'credentialless',
}, },
}); });
} }

4
packages/flutter_tools/lib/src/test/flutter_web_platform.dart
View File

@ -64,7 +64,7 @@ shelf.Handler createDirectoryHandler(Directory directory, { required bool crossO
if (needsCrossOriginIsolated) if (needsCrossOriginIsolated)
...<String, String>{ ...<String, String>{
'Cross-Origin-Opener-Policy': 'same-origin', 'Cross-Origin-Opener-Policy': 'same-origin',
'Cross-Origin-Embedder-Policy': 'require-corp', 'Cross-Origin-Embedder-Policy': 'credentialless',
}, },
}, },
); );
@ -539,7 +539,7 @@ class FlutterWebPlatform extends PlatformPlugin {
if (webRenderer == WebRendererMode.skwasm) if (webRenderer == WebRendererMode.skwasm)
...<String, String>{ ...<String, String>{
'Cross-Origin-Opener-Policy': 'same-origin', 'Cross-Origin-Opener-Policy': 'same-origin',
'Cross-Origin-Embedder-Policy': 'require-corp', 'Cross-Origin-Embedder-Policy': 'credentialless',
} }
}); });
} }

2
packages/flutter_tools/test/general.shard/web/web_asset_server_test.dart
View File

@ -160,7 +160,7 @@ void main() {
expect(response.statusCode, HttpStatus.ok); expect(response.statusCode, HttpStatus.ok);
final Map<String, String> headers = response.headers; final Map<String, String> headers = response.headers;
expect(headers['Cross-Origin-Opener-Policy'], 'same-origin'); expect(headers['Cross-Origin-Opener-Policy'], 'same-origin');
expect(headers['Cross-Origin-Embedder-Policy'], 'require-corp'); expect(headers['Cross-Origin-Embedder-Policy'], 'credentialless');
}); });
testWithoutContext('release asset server serves html content without COOP/COEP headers when specified', () async { testWithoutContext('release asset server serves html content without COOP/COEP headers when specified', () async {