proposed nginx configuration to enable XLSX export without disabling print from other apps

docs/example.nginx.conf

@@ -57,11 +57,6 @@ server {
     add_header Access-Control-Allow-Origin "*";
     # add_header X-Frame-Options "SAMEORIGIN";
 
-    # Enable SharedArrayBuffer in Firefox (for .xlsx export)
-    add_header Cross-Origin-Resource-Policy cross-origin;
-    add_header Cross-Origin-Opener-Policy same-origin;
-    add_header Cross-Origin-Embedder-Policy require-corp;
-
     # Insert the path to your CryptPad repository root here
     root /home/cryptpad/cryptpad;
     index index.html;
@@ -113,6 +108,14 @@ server {
     if ($uri = "/sheet/inner.html") { set $unsafe 1; }
     if ($uri ~ ^\/common\/onlyoffice\/.*\/index\.html.*$) { set $unsafe 1; }
 
+    set $coop '';
+    if ($uri ~ ^\/sheet\/.*$) { set $coop 'same-origin'; }
+
+    # Enable SharedArrayBuffer in Firefox (for .xlsx export)
+    add_header Cross-Origin-Resource-Policy cross-origin;
+    add_header Cross-Origin-Opener-Policy $coop;
+    add_header Cross-Origin-Embedder-Policy require-corp;
+
     # everything except the sandbox domain is a privileged scope, as they might be used to handle keys
     if ($host != $sandbox_domain) { set $unsafe 0; }