Heads Up: Restriction on SharedArrayBuffers are coming in M91

February 17th, 2021

Starting in Chrome 91 (May, 2021), cross-origin isolation will be required on all platforms in order to access APIs like SharedArrayBuffer and performance.measureUserAgentSpecificMemory(). This brings our desktop platforms in line with Android, which shipped this restriction in Chrome 88.

In order to continue using these APIs, ensure that your pages are cross-origin isolated by serving the page with the following headers:

Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin


Be aware, once you do this, your page will not be able to load cross-origin content unless the resource explicitly allows it via a Cross-Origin-Resource-Policy header or CORS headers (Access-Control-Allow-* and so forth).

For more detailed adoption instructions and considerations, take a look at the guide to enable cross-origin isolation.

Posted by Lutz Vahl, Technical Program Manager