v2.3.11

changelog.md

@@ -1,5 +1,12 @@
 # Changelog
 
+## 2025-12-11 - 2.3.11 - fix(typedserver)
+Add cross-origin security headers to element mode dev server
+
+- Set crossOriginOpenerPolicy to 'same-origin' and crossOriginEmbedderPolicy to 'require-corp' on the TypedServer used in element mode.
+- Improves security and enables cross-origin isolation (e.g. for SharedArrayBuffer) during local development.
+- Applies to the development server serving ./dist_watch/ on port 3002.
+
 ## 2025-12-11 - 2.3.10 - fix(dependencies)
 Bump dependency versions: @types/node to ^25.0.0 and @push.rocks/smartwatch to ^6.2.4
 

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@git.zone/tswatch",
-  "version": "2.3.10",
+  "version": "2.3.11",
   "private": false,
   "description": "A development tool for automatically watching and re-compiling TypeScript projects upon detecting file changes, enhancing developer workflows.",
   "exports": {

ts/00_commitinfo_data.ts

@@ -3,6 +3,6 @@
  */
 export const commitinfo = {
   name: '@git.zone/tswatch',
-  version: '2.3.10',
+  version: '2.3.11',
   description: 'A development tool for automatically watching and re-compiling TypeScript projects upon detecting file changes, enhancing developer workflows.'
 }

ts/tswatch.classes.tswatch.ts

@@ -73,6 +73,10 @@ export class TsWatch {
             port: 3002,
             compression: true,
             spaFallback: true,
+            securityHeaders: {
+              crossOriginOpenerPolicy: 'same-origin',
+              crossOriginEmbedderPolicy: 'require-corp',
+            },
           });
 
           const bundleAndReloadElement = async () => {