UD5 Toolkit
Jest/Vitest Unit Test Generator - Online Function Stub
Write a function name and get a complete unit test stub with describe, it, and expect. Follows AAA pattern.
Cross‑Origin Isolation Checker - Online COOP/COEP Test
Cross-Origin Isolation Checker
Verify COOP / COEP headers & browser cross-origin isolation status
Cross-Origin-Opener-Policy
Cross-Origin-Embedder-Policy
Checking your browser...
Why does it matter?
Cross-origin isolation enables powerful features like SharedArrayBuffer, performance.measureUserAgentSpecificMemory(), and high-resolution timers. Without proper COOP/COEP headers, these APIs are blocked.
Check Any URL (curl command)
Enter a URL to generate a ready-to-use curl command that fetches Cross-Origin-Opener-Policy and Cross-Origin-Embedder-Policy headers. Run it in your terminal.
How to Enable COOP
Add this HTTP response header to your top-level document:
Cross-Origin-Opener-Policy: same-origin
Possible values: unsafe-none, same-origin-allow-popups, same-origin
How to Enable COEP
Add this HTTP response header:
Cross-Origin-Embedder-Policy: require-corp
or credentialless (no CORP required for cross-origin resources).
Frequently Asked Questions
Cross-origin isolation is a browser security policy that restricts interactions with cross-origin documents and resources. It is enabled when both Cross-Origin-Opener-Policy (COOP) and Cross-Origin-Embedder-Policy (COEP) are set to specific values. This isolation unlocks powerful but potentially dangerous APIs like
SharedArrayBuffer.
Open the developer console (F12) and type
self.crossOriginIsolated. If it returns true, your page is isolated. You can also inspect the Network tab and look for the COOP/COEP headers or use this tool to generate a curl command.
To achieve full cross-origin isolation, you need:
Cross-Origin-Opener-Policy: same-originCross-Origin-Embedder-Policy: require-corp(orcredentialless)
require-corp, all cross-origin resources (images, scripts, etc.) must be loaded with Cross-Origin-Resource-Policy: cross-origin or serve appropriate CORS headers.
Cross-Origin-Opener-Policy (COOP) controls how a top-level document interacts with cross-origin windows. Setting it to
same-origin isolates your browsing context from different origins, preventing cross-origin attacks via window.opener.
Cross-Origin-Embedder-Policy (COEP) prevents your document from loading any cross-origin resource that doesn’t explicitly grant permission (via CORP or CORS). The value
require-corp enforces this, while credentialless allows loading cross-origin resources without credentials and without requiring CORP.
COOP isolates the top-level browsing context; COEP controls which resources can be embedded; Cross-Origin-Resource-Policy (CORP) tells the browser whether a resource can be loaded by another origin. All three work together to enforce cross-origin isolation.
Private State Token Demo - Online Anti‑Fraud Test
Issue and redeem Private State Tokens (formerly Trust Tokens). Understand how they help detect bots without cookies.
Navigation API Playground - Online Single‑Page Router
Intercept and manage navigations without reloading. Test transition handling and URL updates. The future of client‑side routing.
Latin Square Generator - Online Balanced Grid
Create Latin squares for experimental design or tournament scheduling. Visual and copyable. No server required.
BookCrossing BCID Generator - Online Unique Book ID Checksum
Generate a valid BookCrossing BCID with checksum for your free book tracking label. Follows BCID format rules. Fun for sharing books.
CSS Nesting Playground - Online Native Nesting Tester
Write CSS with native nesting (like SCSS) and see the browser’s native parsing. Validator and live output.
Random Travel Destination - Online Wanderlust Generator
Spin the globe and get a random country or city to visit. Learn a fun fact. Plan your next adventure. Local data.
CSS Grid Playground - Online Interactive Layout Builder
Experiment with CSS Grid properties visually. Add rows, columns, and areas. See the grid in action and copy the code.
Text to Number Code - Online A1Z26 Encoder
Encode letters to their position in the alphabet (A=1, B=2...) and decode back. A classic puzzle tool. No data leaves your device.
UUID v7 Generator - Online Time‑Ordered Unique IDs
Generate UUID v7 identifiers that are lexicographically sortable and timestamped. Perfect for databases. All local.
CSS Grid Placement Playground - Online Visual Area Builder
Drag items into grid cells and see the resulting grid‑area or line‑based placement code. Learn how auto‑placement and spanning work.
Nano ID Generator - Online Compact Unique IDs
Generate short, URL‑safe, unique string IDs with customizable alphabet and length. Smaller than UUID. Local only.
Wingdings Translator - Online Text to Symbol Converter
Encode text into Wingdings symbols and decode Wingdings back to text. A nostalgic and fun puzzle tool. All processing in your browser.
Climbing Grade Converter – Online V‑Scale to Font & YDS
Convert climbing difficulty between V‑scale, Fontainebleau, and Yosemite Decimal System. Quick reference for gym climbers.
Lost Pet Poster Generator – Online Fill & Print Flyer
Upload a photo, enter details, and create a tear-off style lost pet poster. Instant PDF download.
isolation CSS Property Demo - Online Control Stacking Context
Use isolation: isolate to contain mix‑blend‑mode and filters. See the visual difference with and without. Quick demo.
Sound Wave Extractor - Online Isolate Vocals or Instrumental
Simple phase cancellation tool: load a stereo track and attempt to remove center‑panned vocals. Not perfect, but fun to experiment.