From 644ffe4d1ae514f23744f625b8f307da0e9e1f7f Mon Sep 17 00:00:00 2001
From: Yuri Tatishchev <itatishch@gmail.com>
Date: Thu, 5 Feb 2026 05:18:12 -0800
Subject: [PATCH] success pt. 11 add hooks and headers to make OPFS work

---
 _headers            |  8 ++++++++
 src/hooks.server.ts | 15 +++++++++++++++
 2 files changed, 23 insertions(+)
 create mode 100644 _headers
 create mode 100644 src/hooks.server.ts

diff --git a/_headers b/_headers
new file mode 100644
index 0000000..43f9f36
--- /dev/null
+++ b/_headers
@@ -0,0 +1,8 @@
+/*
+  # Enable cross-origin isolation (required for SharedArrayBuffer/Atomics),
+  # which sqlite-wasm OPFS persistence (e.g. sqlocal) depends on.
+  Cross-Origin-Opener-Policy: same-origin
+  Cross-Origin-Embedder-Policy: require-corp
+
+  # Optional but commonly paired with COOP/COEP.
+  Cross-Origin-Resource-Policy: same-origin
diff --git a/src/hooks.server.ts b/src/hooks.server.ts
new file mode 100644
index 0000000..f46d5fd
--- /dev/null
+++ b/src/hooks.server.ts
@@ -0,0 +1,15 @@
+import type { Handle } from "@sveltejs/kit";
+
+export const handle: Handle = async ({ event, resolve }) => {
+	const response = await resolve(event);
+
+	// https://sqlocal.dev/guide/setup#cross-origin-isolation
+	// Cross-origin isolation (needed for SharedArrayBuffer/Atomics -> sqlite-wasm OPFS)
+	response.headers.set("Cross-Origin-Opener-Policy", "same-origin");
+	response.headers.set("Cross-Origin-Embedder-Policy", "require-corp");
+
+	// Optional, but commonly paired
+	response.headers.set("Cross-Origin-Resource-Policy", "same-origin");
+
+	return response;
+};