You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The OwaspHeaders.Core middleware does not yet include support for Feature-Policy which is a header related to enabling or disabling certain JavaScript API features.
Quote from Scott Helme's blog:
TheFeature Policy is being created to allow site owners to enable and disable certain web platform features on their own pages and those they embed. Being able to restrict the features your site can use is really nice but being able to restrict features that sites you embed can use is an even better protection to have.
Due to an update to Security Headers (see footnote), which is a tool that a lot of users use to check their website security headers, this header should be implemented as soon as possible.
Description
The OwaspHeaders.Core middleware does not yet include support for Feature-Policy which is a header related to enabling or disabling certain JavaScript API features.
Quote from Scott Helme's blog:
Source: A new security header: Feature Policy
Links to Header Information
The text was updated successfully, but these errors were encountered: