io.camunda.security.configuration.headers.CrossOriginOpenerPolicyConfig

public class CrossOriginOpenerPolicyConfig extends Object

Configures Cross-Origin-Opener-Policy (COOP) header for window isolation.

COOP allows a website to control whether a new top-level document opened via window.open() or navigation is opened in the same browsing context group (BCG). This provides process isolation between windows, preventing: - Cross-origin access to window.opener - Side-channel attacks like Spectre - Unintended information leakage between windows

Default: SAME_ORIGIN_ALLOW_POPUPS - Balances security with compatibility by: - Isolating the window from cross-origin openers - Still allowing popups to be opened (common use case) - Preventing direct DOM access between cross-origin windows

Works with COEP to enable "cross-origin isolation" for advanced features.

See Also:

Constructor Summary

Constructors

Constructor

Description

CrossOriginOpenerPolicyConfig()
Method Summary

Modifier and Type

Method

Description

CrossOriginOpenerPolicy

getValue()

void

setValue(CrossOriginOpenerPolicy value)

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details
- CrossOriginOpenerPolicyConfig
  
  public CrossOriginOpenerPolicyConfig()
Method Details
- getValue
  
  public CrossOriginOpenerPolicy getValue()
- setValue
  
  public void setValue(CrossOriginOpenerPolicy value)

Class CrossOriginOpenerPolicyConfig

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Details

CrossOriginOpenerPolicyConfig

Method Details

getValue

setValue