COEP, assess embedded resources on your site

Cross-origin resources must be explicitly permitted with either CORS or CORP.

Our Platform

Cross-Origin Embedder Policy allows you ensure that all cross-origin resources are using either CORS or CORP to be loaded.

Related Products
COOP Reports

COEP Graphs view

Key Features

COEP will prevent your site from loading any resources that have not explicitly granted permissions using either the CORS or CORP HTTP response header:

  • Easy to enable

  • Simple to configure

  • Allows strict monitoring of cross-origin resources

  • Detailed information allows for rapid debugging

COEP Reports view

Deploying COEP Reporting

COEP Reporting is configured via a HTTP response header called Cross-Origin-Embedder-Policy.

COEP has a safe 'testing' mode that allows you to gather feedback with no risk.

After a period of monitoring you can enforce the COEP policy, or, continue to monitor on an ongoing basis.

Some facts about us

37k+ Domains Monitored
1.25T+ Reports Processed
1k+ Alexa Top 1M Sites

Simple Pricing

Select your usage


Per Month*

Enterprise Accounts

We can tailor a package to your exact requirements with custom usage, billing and SLA. You need an enterprise account if you're looking for any of the following features, just get in touch!

  • Invoicing
  • Managed/Dedicated Instance
  • Geographic Hosting/Processing
  • Custom or Unlimited Usage
  • Support SLA
  • Custom Terms

We're Trusted By

Award Winning Service