iframe CORS and SharedArrayBuffer headers not working

Hello! I currently am hosting my personal website and am trying to embed an iframe on my site which contains a game I’ve been working on (hosted on I added a netlify.toml file with the following options:

# netlify.toml
  for = "/*"
    Access-Control-Allow-Origin = "*"
    Cross-Origin-Opener-Policy = "same-origin"
    Cross-Origin-Embedder-Policy = "require-corp"

And I’m met with the following

Thank you!

These headers only apply to your site when it is fetched or embedded in another site. They don’t apply to sites you are requesting/embedding in your site.

I only see one game on your site and I see no issue with it. I take it you solved it.