Skip to content

Add COOP/COEP headers for OPFS persistence on Vercel#6

Merged
coji merged 1 commit into
mainfrom
fix/vercel-coop-coep-headers
Dec 21, 2025
Merged

Add COOP/COEP headers for OPFS persistence on Vercel#6
coji merged 1 commit into
mainfrom
fix/vercel-coop-coep-headers

Conversation

@coji
Copy link
Copy Markdown
Owner

@coji coji commented Dec 21, 2025
edited by coderabbitai Bot
Loading

Summary

  • Add COOP/COEP headers required for OPFS persistence on Vercel
  • Root vercel.json is for the demo site deployment
  • examples/browser/vercel.json is for users deploying examples standalone

Test plan

  • Verify no OPFS errors in browser console after deployment
  • Verify response headers include Cross-Origin-Embedder-Policy: require-corp and Cross-Origin-Opener-Policy: same-origin

🤖 Generated with Claude Code

Summary by CodeRabbit

  • Chores
    • Added deployment configuration with security headers to enhance cross-origin request handling.

✏️ Tip: You can customize this high-level summary in your review settings.

@coji @claude
Add COOP/COEP headers for OPFS persistence on Vercel
4fb1e15 
OPFS requires Cross-Origin-Opener-Policy and Cross-Origin-Embedder-Policy
headers for SharedArrayBuffer support. Added vercel.json at root for the
demo deployment and in examples/browser for standalone deployments.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@vercel
Copy link
Copy Markdown

vercel Bot commented Dec 21, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Review Updated (UTC)
durably-demo Ready Ready Preview Dec 21, 2025 1:56pm

@coderabbitai
Copy link
Copy Markdown
Contributor

coderabbitai Bot commented Dec 21, 2025
edited
Loading

Caution

Review failed

The pull request is closed.

Walkthrough

Adds two vercel.json configuration files to define HTTP security headers for CORS policy enforcement. Both files set Cross-Origin-Embedder-Policy and Cross-Origin-Opener-Policy headers to manage cross-origin requests during Vercel deployments.

Changes

Cohort / File(s) Summary
Vercel deployment configuration
examples/browser/vercel.json, vercel.json		 Adds HTTP header rules for cross-origin security policies. Both files apply Cross-Origin-Embedder-Policy (require-corp) and Cross-Origin-Opener-Policy (same-origin) to all source requests via pattern matching.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

  • Both files are simple, identical configuration additions with straightforward header mappings
  • No logic, code, or behavioral changes to evaluate
  • Verify header values align with security requirements

Poem

🐰 In Vercel's realm where servers dwell,
A rabbit hops with headers swell,
CORP and Opener policies in place,
Cross-origin walls guard this space! 🔐

✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch fix/vercel-coop-coep-headers
📜 Recent review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 1b53931 and 4fb1e15.

📒 Files selected for processing (2)
  • examples/browser/vercel.json (1 hunks)
  • vercel.json (1 hunks)

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@coji coji merged commit 7e3cefe into main Dec 21, 2025
7 checks passed
@coji coji deleted the fix/vercel-coop-coep-headers branch March 5, 2026 12:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@coji