Skip to content

Add "credentialless" to CrossOriginEmbedderPolicy enum #16991

New issue
New issue
Closed
#17027
Closed
Add "credentialless" to CrossOriginEmbedderPolicy enum#16991
#17027
Assignees
jzheaux
Labels
in: webAn issue in web modules (web, webmvc)status: duplicateA duplicate of another issuetype: enhancementA general enhancement
@pgeyman

Description

@pgeyman
pgeyman
opened on Apr 24, 2025

The Cross-Origin-Embedder-Policy header now supports the additional value credentialless (https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Cross-Origin-Embedder-Policy#credentialless), but the Spring Security enum CrossOriginEmbedderPolicy does not have this value, so it is not possible to configure via DSL.

The CrossOriginEmbedderPolicy should have the additional value for credentialless so it is configurable via DSL.

Currently this enum value does not exist, so we have to add custom code to add this Cross-Origin-Embedder-Policy: credentialless header, rather than using the DSL.

Metadata

Metadata

Assignees

Labels

in: webAn issue in web modules (web, webmvc)status: duplicateA duplicate of another issuetype: enhancementA general enhancement

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions