crossOriginIsolated read-only property returns a boolean value that indicates whether the website is in a cross-origin isolation state. That state mitigates the risk of side-channel attacks and unlocks a few capabilities:
SharedArrayBuffercan be created and sent via a
Performance.now()offers better precision.
Performance.measureUserAgentSpecificMemory()can be accessed.
A website is in a cross-origin isolated state, when the response header
Cross-Origin-Opener-Policy has the value
same-origin and the
Cross-Origin-Embedder-Policy header has the value