From a4940231da8190e29a4e8b8666b41b341b173e3a Mon Sep 17 00:00:00 2001
From: Basilio Bogado <541149+basiliskus@users.noreply.github.com>
Date: Thu, 26 Dec 2024 10:42:37 -0800
Subject: [PATCH] Trial and error

---
 .../gov/hhs/cdc/trustedintermediary/external/javalin/App.java  | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/app/src/main/java/gov/hhs/cdc/trustedintermediary/external/javalin/App.java b/app/src/main/java/gov/hhs/cdc/trustedintermediary/external/javalin/App.java
index d5bbefd9a..10b63d090 100644
--- a/app/src/main/java/gov/hhs/cdc/trustedintermediary/external/javalin/App.java
+++ b/app/src/main/java/gov/hhs/cdc/trustedintermediary/external/javalin/App.java
@@ -52,8 +52,7 @@ public static void main(String[] args) {
                 ctx -> {
                     ctx.header("X-Content-Type-Options", "nosniff");
                     // Fix for https://www.zaproxy.org/docs/alerts/90004
-                    ctx.header("Cross-Origin-Opener-Policy", "same-origin");
-                    ctx.header("Cross-Origin-Embedder-Policy", "require-corp");
+                    ctx.header("Cross-Origin-Resource-Policy", "cross-origin");
                 });
 
         try {