From fa0ce9e7f94e576f846ec9e081e982845ef7bb16 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andy=20Hawkins=20=E2=80=94=20=28=CC=90=CC=85=CC=96=CC=A3?=
 =?UTF-8?q?=CD=95=CC=A0=CC=AC=CC=AD=CC=9E=CC=AAi=CC=89=CD=AE=CC=AD=CC=A3?=
 =?UTF-8?q?=CD=88=CC=AA=CC=A0s=CD=91=CD=8C=CD=8B=CD=AA=CC=83=CC=8D=CC=B3?=
 =?UTF-8?q?=CC=B3=CC=A6=CC=9E=CC=B0=CC=9C=CC=9E=CC=B3=20=CC=81=CD=91=CD=A8?=
 =?UTF-8?q?=CD=84=CC=8E=CC=8B=CD=AE=CD=8A=CC=80=CC=A9=CC=98n=CC=83=CC=88?=
 =?UTF-8?q?=CD=AE=CD=A6=CC=81=CD=AB=CD=90=CD=9B=CD=94=CC=A3=CD=85=CD=85?=
 =?UTF-8?q?=CD=93=CC=ACo=CC=90=CD=86=CC=BD=CC=A9=CC=A6=CC=B3=CC=A0=CC=99?=
 =?UTF-8?q?=CC=97=CC=AF=CC=BAt=CD=82=CD=A9=CD=8B=CC=85=CD=84=CC=9C=CC=A5?=
 =?UTF-8?q?=CC=BB=CC=99=CC=9F=CC=BC=CC=9C=20=CD=92=CD=8B=CC=85=CC=81=CD=90?=
 =?UTF-8?q?=CC=A0=CC=A6=CC=B9=CC=9F=CD=95=CD=95=CC=B1=CD=89a=CC=84=CD=A6?=
 =?UTF-8?q?=CC=92=CC=8D=CD=8B=CC=9F=CC=BB=CC=B1=20=CD=A8=CD=A9=CD=8A=CD=82?=
 =?UTF-8?q?=CC=89=CD=85=CC=97=CC=9E=CD=9Ah=CD=A3=CD=94=CC=BC=CD=9A=CC=A9?=
 =?UTF-8?q?=CD=9A=CC=AA=CC=9D=CC=9Da=CC=92=CC=93=CD=AC=CC=AB=CC=ABc=CC=83?=
 =?UTF-8?q?=CD=A5=CD=AF=CC=A6=CC=B2=CC=B3=CD=8D=CC=B9k=CC=8A=CC=B2=CD=95?=
 =?UTF-8?q?=CC=97=CC=96=CC=A4=CC=99=CC=9C=CD=8De=CC=BF=CC=AB=CD=8E=CC=9F?=
 =?UTF-8?q?=CC=BC=CC=BA=CC=ABr=CC=8A=CC=91=CC=BF=CC=85=CD=AF=CD=99=CD=85?=
 =?UTF-8?q?=CC=B0=29=CD=86=CC=87=CD=A7=CC=9A=CD=91=CC=AA=CC=96=CD=87=CC=9D?=
 =?UTF-8?q?=CC=AE=CC=AA=CD=96=CC=A6?= <a904guy@users.noreply.github.com>
Date: Sat, 15 Oct 2022 20:10:12 -0400
Subject: [PATCH] Allow CORP Headers, Enabling SharedArrayBuffer

---
 packages/sirv-cli/bin.js   | 2 ++
 packages/sirv-cli/index.js | 8 ++++++--
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/packages/sirv-cli/bin.js b/packages/sirv-cli/bin.js
index 9a7d054..bf1371a 100644
--- a/packages/sirv-cli/bin.js
+++ b/packages/sirv-cli/bin.js
@@ -16,6 +16,7 @@ sade('sirv [dir]')
 	.option('-e, --etag', 'Enable "ETag" header')
 	.option('-d, --dotfiles', 'Enable dotfile asset requests')
 	.option('-c, --cors', 'Enable "CORS" headers to allow any origin requestor')
+	.option('-CP --corp', 'Enable "CORP" headers, set to same-orgin')
 	.option('-G, --gzip', 'Send precompiled "*.gz" files when "gzip" is supported', true)
 	.option('-B, --brotli', 'Send precompiled "*.br" files when "brotli" is supported', true)
 	.option('-m, --maxage', 'Enable "Cache-Control" header & define its "max-age" value (sec)')
@@ -39,6 +40,7 @@ sade('sirv [dir]')
 			immutable: false,
 			http2: false,
 			cors: false,
+			corp: false,
 			logs: true,
 		}
 	});
diff --git a/packages/sirv-cli/index.js b/packages/sirv-cli/index.js
index 7810262..d6917d9 100644
--- a/packages/sirv-cli/index.js
+++ b/packages/sirv-cli/index.js
@@ -34,11 +34,15 @@ module.exports = function (dir, opts) {
 	dir = resolve(dir || '.');
 	opts.maxAge = opts.m;
 
-	if (opts.cors) {
-		opts.setHeaders = res => {
+	opts.setHeaders = res => {
+		if (opts.cors) {
 			res.setHeader('Access-Control-Allow-Origin', '*');
 			res.setHeader('Access-Control-Allow-Headers', 'Origin, Content-Type, Accept, Range');
 		}
+		if (opts.corp) {
+			res.setHeader('Cross-Origin-Embedder-Policy', 'require-corp');
+			res.setHeader('Cross-Origin-Opener-Policy', 'same-origin');
+		}
 	}
 
 	let server;