crossOriginIsolated property

The crossOriginIsolated read-only property of the WorkerGlobalScope interface returns a boolean value that indicates whether the website is in a cross-origin isolation state. That state mitigates the risk of side-channel attacks and unlocks a few capabilities:

• SharedArrayBuffer can be created and sent via a DedicatedWorkerGlobalScope.postMessage or a MessagePort.postMessage call.
• Performance.now offers better precision.
• Performance.measureUserAgentSpecificMemory can be accessed.

A website is in a cross-origin isolated state, when the response header has the value same-origin and the header has the value require-corp or credentialless.