HTTP Headers: Cross-Origin-Embedder-Policy (COEP)
![HTTP Security Headers: Cross-Origin-Embedder Policy HTTP Security Headers: Cross-Origin-Embedder Policy](https://getsafe360.de/wp-content/uploads/2023/11/http-coep-534x300-1.jpg)
HTTP Headers: Cross-Origin-Embedder-Policy (COEP)
Wie Sie die Cross-Origin-Embedder-Policy einsetzen:
COEP or Cross Origin Embedder Policy is an HTTP-header based mechanism that prevents a document from loading cross-origin resources that don’t explicitly grant the document permission with CORP or CORS. COEP lets you declare that a document cannot load these resources.
Enabling COEP prevents a document from loading any non-same-origin resources which don’t explicitly grant the document permission to be loaded. The only allowed value for COEP is require-corp
.
To activate this policy, append the following HTTP header to the document:
PHP
header('Cross-Origin-Embedder-Policy: require-corp');
![GetSafe 360° Box GetSafe 360° Box](https://getsafe360.de/wp-content/uploads/2023/12/getsafe-box-250x300-1.jpg)
Rundum-Absicherung
- HTTP-Sicherheits-Header
- Inhaltsicherheitsrichtlinie (CSP)
- XSS-Absicherung
Ihr Internet-Auftritt ist nur so sicher wie die schwächste Stelle.
Schlüsselfertige Absicherung:
Unsere Experten erledigen diese Aufgabe komplett für Sie.
Statt 289,- € jetzt zum Vorzugspreis von 149,- €