웹사이트에 어떤 권한이 필요합니까?

The feature policy was introduced several years ago and allows you to limit the web features that your website and anything embedded including iframes can use.

This helps protect your users from anything running that shouldn't be and accessing any web features that you didn't intend.

Here are some of the most important features to enable/disable:

• accelerometer
• camera
• geolocation
• gyroscope
• magnetometer
• microphone
• payment
• usb

The features policy has been superseded by the better named Permissions Policy. I would still recommend setting both to support older browsers.

It supports the same features as the Features Policy but with a slightly different syntax.

In features policy it would look like:

feature-policy: accelerometer 'none'; camera 'self'; geolocation 'self' https://google.com

which translates to:

permissions-policy: accelerometer=(), camera=(self), geolocation=(self "https://google.com")

Really simple to convert from the old policy and a slightly nicer syntax too!

In summary, it's really easy to set two additional headers to help improve the security of your site. Denying permission to unused features limits the risk to your users and the possibilities if there is a breach of any untoward web features being used.

Set those headers now!

Happy Building!