From 7ec0d3c84e817be849e0249e2bb5cee0f7336953 Mon Sep 17 00:00:00 2001
From: Anthony Fu <anthonyfu117@hotmail.com>
Date: Thu, 7 Dec 2023 19:47:20 +0100
Subject: [PATCH] fix: allow iframe to work in stricter cross-origin policy

close https://github.com/nuxt/learn.nuxt.com/pull/68

Co-authored-by: sqcheah <sqcheah@users.noreply.github.com>
---
 packages/devtools/src/runtime/plugins/view/client.ts | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/packages/devtools/src/runtime/plugins/view/client.ts b/packages/devtools/src/runtime/plugins/view/client.ts
index 19d05eedb..65d3f913d 100644
--- a/packages/devtools/src/runtime/plugins/view/client.ts
+++ b/packages/devtools/src/runtime/plugins/view/client.ts
@@ -129,6 +129,8 @@ export async function setupDevToolsClient({
       try {
         iframe = document.createElement('iframe')
         iframe.id = 'nuxt-devtools-iframe'
+        iframe.allow = 'cross-origin-isolated'
+        iframe.setAttribute('credentialless', 'true')
         iframe.src = initialUrl
         iframe.onload = async () => {
           try {