From fb540e99342d15155f9fcc5d14fd408dbccb9ac2 Mon Sep 17 00:00:00 2001
From: Ilayda Cavusoglu Pars <ilayda.cavusoglupars@canonical.com>
Date: Thu, 12 Sep 2024 10:02:26 +0300
Subject: [PATCH] feat:update corp

---
 webapp/handlers.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/webapp/handlers.py b/webapp/handlers.py
index dbdb0ca31..d65fc5a80 100644
--- a/webapp/handlers.py
+++ b/webapp/handlers.py
@@ -146,7 +146,7 @@ def add_headers(response):
         resources without credentials
         - Cross-Origin-Opener-Policy: enable the page to open pop-ups while
         maintaining same-origin policy
-        - Cross-Origin-Resource-Policy: allowing only same-origin requests to
+        - Cross-Origin-Resource-Policy: allowing cross-origin requests to
         access the resource
         - X-Permitted-Cross-Domain-Policies: disallows cross-domain access to
         resources
@@ -159,6 +159,6 @@ def add_headers(response):
         response.headers["Cross-Origin-Opener-Policy"] = (
             "same-origin-allow-popups"
         )
-        response.headers["Cross-Origin-Resource-Policy"] = "same-site"
+        response.headers["Cross-Origin-Resource-Policy"] = "cross-origin"
         response.headers["X-Permitted-Cross-Domain-Policies"] = "none"
         return response