The HTTP Cross-Origin-Resource-Policy response header (CORP) indicates that the browser should block no-cors cross-origin or cross-site requests to the given resource.
It specifies resource owner's policy for what sites/origins should be allowed to load this resource.
SyntaxCross-Origin-Resource-Policy: same-site | same-origin | cross-origin
same-site
Resources can only be loaded from the same site.
same-origin
Resources can only be loaded from the same origin.
cross-origin
Resources can be loaded by any other origin/website.
For more examples, see https://resourcepolicy.fyi/.
Disallowing cross-origin no-cors requestsThe Cross-Origin-Resource-Policy header below will cause compatible user agents to disallow cross-origin no-cors requests:
Cross-Origin-Resource-Policy: same-origin
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4