Itch.io iframe CORS and SharedArrayBuffer headers not working

jakethejrm · April 26, 2024, 4:03pm

Hello! I currently am hosting my personal website and am trying to embed an iframe on my site which contains a game I’ve been working on (hosted on itch.io). I added a netlify.toml file with the following options:

# netlify.toml
[[headers]]
  for = "/*"
  [headers.values]
    Access-Control-Allow-Origin = "*"
    Cross-Origin-Opener-Policy = "same-origin"
    Cross-Origin-Embedder-Policy = "require-corp"

And I’m met with the following

https://jacobmalone.netlify.app/

Thank you!

dig · April 26, 2024, 9:55pm

jakethejrm:

# netlify.toml
[[headers]]
  for = "/*"
  [headers.values]
    Access-Control-Allow-Origin = "*"
    Cross-Origin-Opener-Policy = "same-origin"
    Cross-Origin-Embedder-Policy = "require-corp"

These headers only apply to your site when it is fetched or embedded in another site. They don’t apply to sites you are requesting/embedding in your site.

I only see one game on your site and I see no issue with it. I take it you solved it.

Topic		Replies	Views
CORS and iframe Support environment-vars	9	1134	December 17, 2024
Cross origin headers are not working with Netlify Support building , deployment , cors , headers	1	19	July 7, 2025
Handle CORS and allow assets to be loaded in externally hosted iframe Support cors	5	1500	September 16, 2023
Can`t put my site iframe on another sites Support headers	11	2929	February 22, 2023
CORS headers appearing in resource response Support cors	6	706	May 13, 2021

Itch.io iframe CORS and SharedArrayBuffer headers not working

Related topics