A web platform API which gives a website the ability to allow and deny the use of browser features in its own frame, and in iframes that it embeds. Examples of features that could be controlled by permissions policy include:
- getUserMedia (Camera, Microphone, and Speaker-selection)
- Fullscreen
- Geolocation
- MIDI
- Payments
- Synchronous XHR
- ...
See also: how to integrate a web platform feature with permissions policy.
The Permissions Policy spec is hosted on this repo, at https://w3c.github.io/webappsec-permissions-policy/
For more explanation, use cases, examples, etc., please refer to the explainer document.
Document Policy, which was previously hosted here, has been moved to WICG; it can be found at https://github.com/WICG/document-policy/.
Questions, suggestions? Please open an issue or send a pull request!