Skip to main content

src/plume@cross_origin_embedder_policy.erl

-module(plume@cross_origin_embedder_policy).
-compile([no_auto_import, nowarn_unused_vars, nowarn_unused_function, nowarn_nomatch, inline]).
-define(FILEPATH, "src/plume/cross_origin_embedder_policy.gleam").
-export([to_string/1]).
-export_type([cross_origin_embedder_policy/0]).

-if(?OTP_RELEASE >= 27).
-define(MODULEDOC(Str), -moduledoc(Str)).
-define(DOC(Str), -doc(Str)).
-else.
-define(MODULEDOC(Str), -compile([])).
-define(DOC(Str), -compile([])).
-endif.

?MODULEDOC(
    " Cross-Origin Embedder Policy (COEP)\n"
    "\n"
    " This response header controls whether a document can load cross-origin\n"
    " resources that don't explicitly grant permission via CORS or\n"
    " `Cross-Origin-Resource-Policy`. Required alongside\n"
    " `Cross-Origin-Opener-Policy` to enable cross-origin isolation. Not\n"
    " configured by default.\n"
    "\n"
    " See the [MDN docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Cross-Origin-Embedder-Policy).\n"
).

-type cross_origin_embedder_policy() :: unsafe_none |
    require_corp |
    credentialless.

-file("src/plume/cross_origin_embedder_policy.gleam", 27).
?DOC(" Encode as the `Cross-Origin-Embedder-Policy` header value.\n").
-spec to_string(cross_origin_embedder_policy()) -> binary().
to_string(Value) ->
    case Value of
        unsafe_none ->
            <<"unsafe-none"/utf8>>;

        require_corp ->
            <<"require-corp"/utf8>>;

        credentialless ->
            <<"credentialless"/utf8>>
    end.