Skip to content
A mechanism to selectively enable and disable browser features and APIs
Branch: master
Clone or download
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
policies fix typo in header name (#285) Mar 7, 2019
.gitignore Enable Travis to auto-build HTML output Jun 19, 2018
.travis.yml Enable Travis to auto-build HTML output Jun 19, 2018
CONTRIBUTING.md Update web-platform-tests URLs Jun 11, 2018
LICENSE.md Adding baseline LICENSE.md Jul 5, 2016
README.md Fix links in README.md Dec 22, 2018
deploy.sh Add executable bit to deploy.sh Jun 19, 2018
deploy_key.enc
features.md Update features.md Feb 22, 2019
index.bs
integration.md Fix typo in integration.md link Dec 22, 2018
reporting.md fix typo in ReportingObserver example (#283) Feb 28, 2019
sandbox.md Update sandbox.md (#290) Apr 1, 2019
security-privacy-questionnaire-introspection.md Update security-privacy-questionnaire-introspection.md Jul 25, 2018
security-privacy-questionnaire-sandbox.md Create security-privacy-questionnaire-sandbox.md Jan 29, 2019
security-privacy-questionnaire.md
tidyconfig.txt
w3c.json Minor tweak Mar 21, 2019

README.md

Feature Policy

A web platform API which gives a website the ability to allow and deny the use of browser features in its own frame, and in iframes that it embeds. Examples of features that could be controlled by feature policy include:

  • getUserMedia (Camera, Speakers and Microphone)
  • Fullscreen
  • Geolocation
  • MIDI
  • Payments
  • Synchronous XHR
  • Synchronous scripts
  • Lazyload
  • ...

The spec is hosted on this repo, at https://w3c.github.io/webappsec-feature-policy/

For more explanation, use cases, examples, etc., please refer to the explainer document.

Questions, suggestions? Please open an issue or send a pull request!

You can’t perform that action at this time.