Upcoming issues with SharedArrayBuffer
#22
Comments
|
So, I tried adding these security headers to Kiwix JS PWA docker instance: Unfortunately, the effect is to block any programmatic access to the iframe. Need to investigate if there is a way to loosen this. I find it very strange that an iframe that is clearly serving content from the same origin should be blocked by these headers. It isn't serving (and cannot serve) content from other locations. |
|
Further info here: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Embedder-Policy. Note this text:
Suggested solution is to add |
|
See also this convoluted solution: https://stackoverflow.com/a/71817085. |
|
On reflection, it's not clear to me whether sharedArrayBuffer is the real issue here, or in fact the lack of support for Atomics in some browsers. |
|
This issue has been automatically marked as stale because it has not had recent activity. It will be now be reviewed manually. Thank you for your contributions. |
It is worth noting that Chrome will disable
SharedArrayBufferby default from Chrome 113 unless a site is cross origin isolated, which means that it serves these headers:See https://developer.chrome.com/blog/enabling-shared-array-buffer/
It is relevant for this Repo, as the type of File Reader that we enable when compiling the WASM uses
SharedArrayBufferto pass a multi-gigabyte File to the WASM Worker without copying or loading in memory. This is why the WASM doesn't work on Chrome Mobile, where there is no support forSharedArrayBufferexcept behind a flag, and it seems no support at all for it with POSIX threading enabled in source binaries.For the PWA versions, we should be able to serve those headers. Other versions that don't use https: may struggle. We may need to look into alternative file systems for the WASM.
The text was updated successfully, but these errors were encountered: