I'll do a more thorough write-up/blog soon, and even though this post might get a little long, the TL;DR is that BrowZer leverages JSPI.
Until JSPI is finalized (and it is always present/enabled in the browser), it needs to be externally enabled in the browser somehow.
JSPI can be enabled in multiple ways, including:
- by the end-user of the browser, by enabling the flag (down in chrome://flags), or...
- via what is known as an "Origin Trial"
Since some browsers (like Edge) have recently stopped making the JSPI flag available in the edge://flags UI (even though JSPI is available in Edge), enabling JSPI via an Origin Trial is the only way to get JSPI enabled.
I also assert that the Origin Trial approach is far better for end-users of a browZer-protected web app because they never need to manually enable JSPI, or even know JSPI exists. Origin Trials will transparently enable the JSPI flag for the end-user of your BrowZer-protected web app.
Now...
If you are using CloudZiti, we take care of the Origin Trial config for you.
If you are self-hosting your own OpenZiti BrowZer stack, you will need to acquire your own Origin Trial token (it's easy) that is appropriate for your domain /origin, and then provide that token to the BrowZer Bootstrapper.
To acquire your Origin Trial token:
- visit this page and register for the JSPI Trial. It's free.
- get signed in to Google using the button in the upper right corner
- fill in the dialog as follows (I used Clint's domain as an example):
- You will then be presented with the following dialog:
Using the token you just received, provide it to the BrowZer Bootstrapper via the following env var:
ZITI_BROWZER_RUNTIME_ORIGIN_TRIAL_TOKEN=<YOUR_TOKEN>
This should get you up and running.
Let us know how it goes.