The Feature-Policy header is no more. It is replaced by Permissions-Policy. I’ve started using it as soon as I read about the news.
This policy – for both the old and the new one – is for, and I quote:
This specification defines a mechanism that allows developers to selectively enable and disable use of various browser features and APIs.
Aside from the mere name change, there are some subtle differences. It is more on syntax or format change when defining this policy. The W3 Organization has the specification document explaining this new policy here: https://www.w3.org/TR/permissions-policy-1, and https://github.com/w3c/webappsec-permissions-policy/blob/master/permissions-policy-explainer.md. It is a long read as these types of documents go (You may want to go to the juicy parts right away).
For example, this is how the previous specification did it:
Feature-Policy "geolocation 'self'; vibrate 'none'"
The new one – Permissions-Policy – is slightly different now. The above line becomes like so:
Permissions-Policy "geolocation=(self), vibrate=()"
Nothing too drastic if you have noticed the differences. They are pretty obvious if you look closely.
This change is still pretty new. As per the draft in the first link above, the date indicated was only last 16th of July 2020. Major and updated browsers will be adapting on this change soon given time, if they have not already.
- > mounting FAT32 partitions ready for read-write September 22, 2006
- > WordPress Updates Asks For FTP Access June 1, 2019
- > What Ubuntu Version Do You Have? October 28, 2011
- > Trying Out Manjaro For The First Time February 22, 2021
- > Firefox 4 is finally here! March 22, 2011