Skip to content

Latest commit

 

History

History
70 lines (62 loc) · 1.46 KB

README.md

File metadata and controls

70 lines (62 loc) · 1.46 KB
Raw

Feature Policy

NOTE: The Feature-Policy header has been deprecated by browsers in favor of Permissions-Policy. This module will still be supported but no new features will be added.

This is Express middleware to set the Feature-Policy header. You can read more about it here and here.

To use:

const featurePolicy = require("feature-policy");

// ...

app.use(
  featurePolicy({
    features: {
      fullscreen: ["'self'"],
      vibrate: ["'none'"],
      payment: ["example.com"],
      syncXhr: ["'none'"],
    },
  }),
);

The following features are supported:

  • accelerometer
  • ambientLightSensor
  • autoplay
  • battery
  • camera
  • displayCapture
  • documentDomain
  • documentWrite
  • encryptedMedia
  • executionWhileNotRendered
  • executionWhileOutOfViewport
  • fontDisplayLateSwap
  • fullscreen
  • geolocation
  • gyroscope
  • layoutAnimations
  • legacyImageFormats
  • loadingFrameDefaultEager
  • magnetometer
  • microphone
  • midi
  • navigationOverride
  • notifications
  • oversizedImages
  • payment
  • pictureInPicture
  • publickeyCredentials
  • push
  • serial
  • speaker
  • syncScript
  • syncXhr
  • unoptimizedImages
  • unoptimizedLosslessImages
  • unoptimizedLossyImages
  • unsizedMedia
  • usb
  • verticalScroll
  • vibrate
  • vr
  • wakeLock
  • xr
  • xrSpatialTracking