Stay organized with collections
Save and categorize content based on your preferences.
Cross-Origin-Embedder-Policy (COEP) is a response header that lets a
page opt in to more restrictive handling. The Google Publisher Tag
(GPT) does not yet support pages served with this restriction;
thus, we recommend publishers affected by Chrome's
SharedArrayBuffer deprecation opt their site out by
applying for the reverse Origin Trial until Chrome
supports combining COEP with ads.
How do I know if my site is affected?
Chrome has documentation describing how to use Chrome DevTools
to determine whether your site uses SharedArrayBuffer. If DevTools tells you
that the use of SharedArrayBuffer is in a third-party script, inquire from the
vendor whether SharedArrayBuffer is required for the script's operation.
Why am I seeing a SharedArrayBuffer deprecation warning in desktop Chrome?
Because SharedArrayBuffer can be used to create a high resolution timer, it
can make Spectre-style attacks more efficient. Browsers are limiting
its use to pages that opt in to COEP. That limitation is already in place for
Firefox and Android Chrome, and
Desktop Chrome will be applying it in version 92.
Why doesn't GPT support COEP yet?
Displaying ads requires embedding cross-origin content, and COEP requires that
content to explicitly opt in to cross-origin embedding. This requires
changes to every resource in every ad, both ones served by Google and ones
served by third parties. We are working with Chrome on changes
to allow COEP sites to include ads without requiring such extensive changes.
What are my options?
If your site requires SharedArrayBuffer, Chrome is offering a per-site opt-out
through a reverse Origin Trial, which allows use of
SharedArrayBuffer in Chrome 92 and later. Chrome plans to continue
supporting this opt-out until support for embedding
unmodified third-party content is released. At that point we indend to ensure
GPT supports COEP pages.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2024-10-31 UTC."],[[["Google Publisher Tag (GPT) currently doesn't support pages using Cross-Origin-Embedder-Policy (COEP) due to restrictions on cross-origin embedding."],["Publishers affected by Chrome's `SharedArrayBuffer` deprecation are recommended to opt out using the reverse Origin Trial until GPT supports COEP."],["`SharedArrayBuffer` is being restricted due to security concerns, prompting Chrome to require COEP for its usage."],["GPT's lack of COEP support stems from the need for extensive changes across all ad resources, both Google's and third-party's, to explicitly opt into cross-origin embedding."],["Chrome offers a per-site opt-out via a reverse Origin Trial, enabling `SharedArrayBuffer` use until broader COEP support for embedded content arrives."]]],["`Cross-Origin-Embedder-Policy` (COEP) restricts embedding, impacting Google Publisher Tag (GPT) functionality. Chrome limits `SharedArrayBuffer` usage to COEP-enabled pages due to security risks. If `SharedArrayBuffer` is necessary, publishers can opt out via a reverse Origin Trial. Chrome DevTools can check `SharedArrayBuffer` usage. GPT doesn't support COEP yet because ads require cross-origin content embedding, needing broad changes; Chrome and Google are working on solutions. The opt-out will be available until third party changes are rolled out.\n"]]