Indicates when the browser should load the iframe: eager csp ExperimentalĪ Content Security Policy enforced for the embedded resource. See IFrame credentialless for more details. In return, the Cross-Origin-Embedder-Policy (COEP) embedding rules can be lifted, so documents with COEP set can embed third-party documents that do not. It uses a new context local to the top-level document lifetime. It doesn't have access to the network, cookies, and storage data associated with its origin.
Set to true to make the credentialless, meaning that its content will be loaded in a new, ephemeral context. Note: This attribute is considered a legacy attribute and redefined as allow='payment'. Allowing cross-origin use of images and canvas.HTML table advanced features and accessibility.