The Permissions-Policy HTTP header replaces the existing Feature-Policy header for controlling delegation of permissions and powerful features. The header uses a structured syntax, and allows sites to more tightly restrict which origins can be granted access to features.
The Feature Policy API was recently renamed to "Permissions Policy", and the HTTP header has been renamed along with it. At the same time, the community has settled on a new syntax, based on Structured Field Values for HTTP.
Status in Chromium
Enabled by default (tracking bug) in:
- Chrome for desktop release 88
- Chrome for Android release 88
- Android WebView release 88
Consensus & Standardization
Intent to Prototype urlIntent to Prototype thread
Last updated on 2021-02-25