This feature is only shown in the feature list to users with edit access.

Enforce Cross-Origin-Embedder-Policy in SharedWorker. Cross-Origin-Embedder-Policy HTTP header prevents documents and workers from loading cross-origin resources without an explicit opt-in, either with CORS or CORP. This was previously shipped for: Document, DedicatedWorker, and ServiceWorker. Now we want to bring support for SharedWorker.


Support COEP inside SharedWorker (M96) When used, it restricts the set of cross-origin resources the SharedWorker can fetch. An explicit opt-in via CORS or CORP is required from the cross-origin server. In the future, this will gate the crossOriginIsolated capability for SharedWorker, but this isn't implemented here.



Specification link

Final published standard: Recommendation, Living Standard, Candidate Recommendation, or similar final form

Status in Chromium


In developer trial (Behind a flag) (tracking bug)

Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.



We previously shipped COEP, but postponed the implementation for SharedWorker. - - This intent bridges the gap. This is already part of the HTML specification.

Search tags

coep, sharedworker, coop,

Last updated on 2021-09-07