In my browser console window.crossOriginIsolated is false despite of adding all proper COOP COEP CORP headers in my React Js and Django app

when i access cmd to express-> node server.js with coop and coep and corp headers and access directly the locahost:8080/ everything is working fine and even window.crossOriginIsolated is true. but when i integrate it to my existing react js and django and i add custom middleware.py for coop and coep. but still no use... even the pages of any of my reactjs and django itself is not showing window.crossOriginIsolated true despite of adding all required headers. kindly help me. i dont have any cors error at all my app works fine with api's transaction between react js and django working fine.

this is custom middleware for cors

`from django.http import HttpResponse


class CrossOriginIsolationMiddleware:
    def __init__(self, get_response):
        self.get_response = get_response

    def __call__(self, request):
        # Handle OPTIONS preflight request (for CORS)
        if request.method == 'OPTIONS':
            response = HttpResponse()
            response['Access-Control-Allow-Origin'] = 'http://localhost:3000'  # Specify the frontend origin
            response['Access-Control-Allow-Credentials'] = 'true'
            response['Access-Control-Allow-Headers'] = 'Origin, X-Requested-With, Content-Type, Accept, Authorization'
            response['Access-Control-Allow-Methods'] = 'GET, POST, OPTIONS, PUT, DELETE'
            return response

        response = self.get_response(request)
        response['Access-Control-Allow-Origin'] = 'http://localhost:3000'              response['Access-Control-Allow-Credentials'] = 'true'
        response['Access-Control-Allow-Headers'] = 'Origin, X-Requested-With, Content-Type, Accept, Authorization'
        response['Access-Control-Allow-Methods'] = 'GET, POST, OPTIONS, PUT, DELETE'

        if request.path.startswith('/dicomweb/'):
            response['Cross-Origin-Opener-Policy'] = 'same-origin'
            response['Cross-Origin-Embedder-Policy'] = 'require-corp'
            response['Cross-Origin-Resource-Policy'] = 'cross-origin'  # Changed to same-origin for better isolation
        elif request.path.startswith('/api/'):
            response['Cross-Origin-Opener-Policy'] = 'same-origin'
            response['Cross-Origin-Embedder-Policy'] = 'require-corp'
            response['Cross-Origin-Resource-Policy'] = 'cross-origin'

        return response`

my settings.py have

`MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'main.middleware.CrossOriginIsolationMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
    'csp.middleware.CSPMiddleware',
]`

kindly do help in getting the window.crossOriginIsolated to true i have been stuck to this for past 20 days do help i'm learning coding step by step so i dont know what im doing wrong kindly help

Back to Top