| HN Mirror

Y	Hacker News new \| ask \| show \| jobs

by yesbabyyes 1830 days ago

It's specified here: https://www.w3.org/TR/permissions-policy-1/#policy-controlle...

There is a non-exhaustive list of features/APIs here: https://github.com/w3c/webappsec-feature-policy/blob/master/...

Each feature takes an allowlist, specifying which, if any, origins can use the feature.

1 comments

stock_toaster 1829 days ago

there is apparently no way to define a default disable either, so to turn off all the random features, the header becomes huge.

https://github.com/w3c/webappsec-permissions-policy/issues/1...

What is happening in w3c?!

link

robin_reala 1829 days ago

A cynical view would be that Google paid large sums to advertise Chrome on prime time TV while sideloading it with Flash and Java installs, which lead to an outsize user base, which lead to outsize influence at W3C on specifications.

link