Home
Docs
Blog
Articles
Home
Docs
Blog
Articles
扩展程序
欢迎 What's new in Chrome extensions Get help with Chrome extensions
欢迎 Extensions 101 Development basics Run scripts on every page Inject scripts into the active tab Manage tabs
欢迎了解 Manifest V3 扩展程序平台愿景 Overview of Manifest V3
What are themes? 常见问题 Extensions quality guidelines FAQ
Migrate to Manifest V3 Manifest V3 migration checklist Update the manifest Migrate to a service worker Update your code Replace blocking web request listeners Improve extension security Manifest V2 支持时间线 Known issues when migrating to Manifest V3
API reference Samples
Extension development overview Manifest file format 架构概述 Declare permissions Design the user interface Debugging extensions 示例
Message passing Content scripts Manage events with service workers Match patterns Using promises 跨域隔离
Cross-origin XMLHttpRequest Using eval in Chrome extensions
Overriding Chrome settings Extending DevTools Fetching favicons OAuth2: Authenticate users with Google Overriding Chrome pages Rich notifications API Native messaging
Protect user privacy Declare permissions and warn users Stay secure Accessibility (a11y) Localization message formats Give users options
托管扩展程序 Alternative extension installation methods Installing extensions on Linux Tutorial: Google analytics
About Manifest V2 Getting started
What are extensions? What are themes? Frequently asked questions
Extension development overview Manifest file format Architecture overview Declare permissions Design the user interface Debugging extensions Samples
Message passing Content scripts Manage events with background scripts Match patterns Cross-origin isolation
Cross-origin XMLHttpRequest Using eval in Chrome extensions
Overriding Chrome settings Extending DevTools OAuth2: Authenticate users with Google Overriding Chrome pages Rich notifications API
Protect user privacy Declare permissions and warn users Stay secure Accessibility (a11y) Localization message formats Give users options
Chrome Web Store Alternative extension distribution options Installing extensions on Linux Tutorial: Google analytics
扩展程序
欢迎 What's new in Chrome extensions Get help with Chrome extensions
欢迎 Extensions 101 Development basics Run scripts on every page Inject scripts into the active tab Manage tabs
欢迎了解 Manifest V3 扩展程序平台愿景 Overview of Manifest V3
What are themes? 常见问题 Extensions quality guidelines FAQ
Migrate to Manifest V3 Manifest V3 migration checklist Update the manifest Migrate to a service worker Update your code Replace blocking web request listeners Improve extension security Manifest V2 支持时间线 Known issues when migrating to Manifest V3
API reference Samples
Extension development overview Manifest file format 架构概述 Declare permissions Design the user interface Debugging extensions 示例
Message passing Content scripts Manage events with service workers Match patterns Using promises 跨域隔离
Cross-origin XMLHttpRequest Using eval in Chrome extensions
Overriding Chrome settings Extending DevTools Fetching favicons OAuth2: Authenticate users with Google Overriding Chrome pages Rich notifications API Native messaging
Protect user privacy Declare permissions and warn users Stay secure Accessibility (a11y) Localization message formats Give users options
托管扩展程序 Alternative extension installation methods Installing extensions on Linux Tutorial: Google analytics
About Manifest V2 Getting started
What are extensions? What are themes? Frequently asked questions
Extension development overview Manifest file format Architecture overview Declare permissions Design the user interface Debugging extensions Samples
Message passing Content scripts Manage events with background scripts Match patterns Cross-origin isolation
Cross-origin XMLHttpRequest Using eval in Chrome extensions
Overriding Chrome settings Extending DevTools OAuth2: Authenticate users with Google Overriding Chrome pages Rich notifications API
Protect user privacy Declare permissions and warn users Stay secure Accessibility (a11y) Localization message formats Give users options
Chrome Web Store Alternative extension distribution options Installing extensions on Linux Tutorial: Google analytics

Cross-origin isolation

Published on Updated on

Warning

The Chrome Web Store no longer accepts Manifest V2 extensions. Please use Manifest V3 when building new extensions. You will find a section on upgrading in the navigation tree at the left, including the Manifest V2 support timeline.

Cross-origin isolation enables a web page to use powerful features such as SharedArrayBuffer. An extension can opt into cross-origin isolation by specifying the appropriate values for the cross_origin_embedder_policy and cross_origin_opener_policy manifest keys. For example, a manifest like the one below will opt the extension's origin into cross-origin isolation.

{
  "name": "CrossOriginIsolation example",
  "manifest_version": 2,
  "version": "1.1",
  "cross_origin_embedder_policy": {
    "value": "require-corp"
  },
  "cross_origin_opener_policy": {
    "value": "same-origin"
  },
  ...
}

Opting into cross-origin isolation allows the extension to use powerful APIs like SharedArrayBuffers in its cross-origin isolated contexts. However, it does also come with certain side-effects. See Making your website "cross-origin isolated" using COOP and COEP for more information on this.

Caution

Even if an extension opts into cross-origin isolation, not all extension contexts will be cross-origin isolated. For example, cross-origin isolation is not fully implemented) for service and shared workers currently. Similarly, a cross-origin isolated extension's web-accessible subframe on a regular web page is not considered cross-origin isolated currently.

Updated on Improve article

We serve cookies on this site to analyze traffic, remember your preferences, and optimize your experience.
More details