Feature Policy
ELI5 — The Vibe Check
Feature Policy (now Permissions Policy) controls which browser features your site and embedded iframes can use. Block camera access? Disable geolocation? Prevent auto-play? One header controls it all. It stops third-party content from accessing features you didn't approve.
Real Talk
Feature Policy (superseded by Permissions Policy) is an HTTP header controlling which browser APIs and features are available to a page and its embedded content. It restricts access to sensitive APIs like camera, microphone, geolocation, payment, and USB.
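The two header syntaxes differ, so a site migrating from `Feature-Policy` has to rewrite its value. The following is an added example, not code from this page: it translates a legacy value into `Permissions-Policy` syntax and lists which of the sensitive features named above are left without an explicit restriction. The function names and the sample header value are constructed for illustration, and directives with no allowlist are skipped.

```javascript
// Sensitive features named in the definition above.
const SENSITIVE = ['camera', 'microphone', 'geolocation', 'payment', 'usb'];

// Parse a legacy value such as "camera 'none'; geolocation 'self' https://a.example"
// into a Map of feature -> allowlist tokens.
function parseFeaturePolicy(value) {
  const policy = new Map();
  for (const directive of value.split(';')) {
    const [feature, ...allowlist] = directive.trim().split(/\s+/).filter(Boolean);
    if (!feature || allowlist.length === 0) continue; // assumption: skip bare directives
    policy.set(feature.toLowerCase(), allowlist);
  }
  return policy;
}

// Serialise the parsed policy in Permissions-Policy syntax:
// 'none' -> (), * -> *, 'self' -> self, origins -> double-quoted strings.
function toPermissionsPolicy(policy) {
  const parts = [];
  for (const [feature, allowlist] of policy) {
    if (allowlist.includes('*')) { parts.push(`${feature}=*`); continue; }
    const members = allowlist
      .filter((t) => t !== "'none'")
      .map((t) => (t === "'self'" ? 'self' : `"${t}"`));
    parts.push(`${feature}=(${members.join(' ')})`);
  }
  return parts.join(', ');
}

// Sensitive features that are absent (browser default applies) or set to "*".
function notLockedDown(policy) {
  return SENSITIVE.filter((f) => {
    const allowlist = policy.get(f);
    return !allowlist || allowlist.includes('*');
  });
}

// Constructed sample header value.
const legacy =
  "camera 'none'; microphone 'none'; geolocation 'self' https://maps.example; fullscreen *";
const parsed = parseFeaturePolicy(legacy);
console.log('Permissions-Policy:', toPermissionsPolicy(parsed));
console.log('Not explicitly restricted:', notLockedDown(parsed));
```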
When You'll Hear This
"Feature Policy disables camera and microphone access for all third-party iframes." / "We set Feature Policy to block geolocation on pages that don't need it."
Related Terms
Content Security Policy Headers
CSP tells the browser exactly where scripts, styles, images, and other resources are allowed to load from. If a hacker injects a script pointing to evil.
Permissions Policy
Permissions Policy is Feature Policy's newer, better version. Same concept — control which browser features your site can use.
Security Headers
Security Headers are HTTP response headers that tell browsers 'here's how to protect my users.