Explain
CORP (Cross-Origin-Resource-Policy)
Allows a resource to declare whether it can be requested from other origins (helps COEP / prevents leaks).
InfoCategory: headers
What it is
CORP is set on resources (images, scripts, etc.) to control which origins can load them.
Common values
- same-origin
- same-site
- cross-origin (least restrictive)
Related guides