Origin Policy provides a mechanism for defining configuration options with origin-wide impact. This status item covers Origin Policy infrastructure and support for Content Security Policy and Feature Policy policy items.


Developers set a number of properties associated with resources on an origin by delivering resource-specific HTTP response headers and meta elements. However, the existing delivery mechanism is ill-suited to the task, suffering from a clear mismatch between the resource-specific nature of the metadata declarations on the one hand, and the origin-wide intent of the metadata on the other. Origin policy provides a centralized per-origin location for configurations that can apply across an origin, such as CSP, feature policy, origin isolation, network error logging, and more.



Editor's draft

Status in Chromium


In development (tracking bug)

Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.

  • Positive
  • No signal
  • No signal
  • Positive


Last updated on 2021-05-30