In-depth Knowledge

Cross Domain Security

We strongly recommend that you implement the HTTP security header Cross-Origin-Opener-Policy with the value same-origin on your website. This header helps protect against a variety of potential security issues, including cross-site attacks and data breaches, by isolating your site's pages from documents of other origins that would otherwise share the same browsing context group.
Implementing this header is critical for:

  • Security: Ensuring that your web pages are isolated from potentially harmful third-party content.

  • Compatibility: Making sure that [Your Product] works seamlessly within your website without any security conflicts.

  • Performance: Allowing your website to better utilise modern web features that improve load times and user experience.

Implementation examples

  • Example of how to set the header in an HTTP response:

    Cross-Origin-Opener-Policy: same-origin
  • For an Apache server, you can add the following line to your .htaccess file:

    Header set Cross-Origin-Opener-Policy "same-origin"
  • For Nginx servers, add this line to your site configuration:

    add_header Cross-Origin-Opener-Policy same-origin;
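
To confirm that the header reaches browsers in a usable form, the following Python check (an added example, not part of the original page or of any vendor tooling) classifies a response's Cross-Origin-Opener-Policy header. The sample responses and the names audit_coop and parse_headers are constructed for illustration; they cover cases a correct-looking configuration can still produce, such as a duplicated header, a value wrapped in typographic quotes, or an nginx error page, where add_header without the always parameter is not applied.

```python
import re

# sf-token grammar from RFC 8941: the value form COOP expects.
TOKEN = re.compile(r"[A-Za-z*][A-Za-z0-9!#$%&'*+\-.^_`|~:/]*")

# Constructed sample responses (not captured traffic).
SAMPLES = {
    "good": "HTTP/1.1 200 OK\r\nCross-Origin-Opener-Policy: same-origin\r\n\r\n",
    "with_param": 'HTTP/1.1 200 OK\r\nCross-Origin-Opener-Policy: same-origin; report-to="coop"\r\n\r\n',
    "curly_quotes": "HTTP/1.1 200 OK\r\nCross-Origin-Opener-Policy: \u201csame-origin\u201d\r\n\r\n",
    "duplicate": "HTTP/1.1 200 OK\r\nCross-Origin-Opener-Policy: same-origin\r\n"
                 "cross-origin-opener-policy: same-origin\r\n\r\n",
    "popups": "HTTP/1.1 200 OK\r\nCross-Origin-Opener-Policy: same-origin-allow-popups\r\n\r\n",
    "report_only": "HTTP/1.1 200 OK\r\nCross-Origin-Opener-Policy-Report-Only: same-origin\r\n\r\n",
    "error_page": "HTTP/1.1 404 Not Found\r\nContent-Type: text/html\r\n\r\n",
}

def parse_headers(raw):
    """Return [(lowercased name, value)] from a raw status line + header block."""
    pairs = []
    for line in raw.split("\r\n")[1:]:
        if not line:  # blank line ends the header block
            break
        name, _, value = line.partition(":")
        pairs.append((name.strip().lower(), value.strip()))
    return pairs

def audit_coop(raw, https=True):
    """Classify one response's COOP header for a same-origin deployment."""
    headers = parse_headers(raw)
    values = [v for n, v in headers if n == "cross-origin-opener-policy"]
    if not https:
        return "ignored-insecure-context"  # COOP only applies in secure contexts
    if not values:
        ro = any(n == "cross-origin-opener-policy-report-only" for n, _ in headers)
        return "report-only" if ro else "missing"
    if len(values) > 1:
        # Repeated fields are joined with ", " and no longer parse as a single
        # item, so the browser falls back to the default (unsafe-none).
        return "duplicate"
    token = values[0].split(";", 1)[0].strip()  # drop ;parameters
    if not TOKEN.fullmatch(token):
        return "invalid"  # not a bare token, e.g. wrapped in curly quotes
    return "ok" if token == "same-origin" else "other:" + token

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(f"{name:13} {audit_coop(raw)}")
```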