Feature Policy

Special permission from the user is sometimes required to gain access to certain hardware features or browser APIs. A Feature Policy is defined as a semi-colon-separated list of directives and allowed lists. (more information here ). To set a Feature Policy, send a Feature-Policy header in the HTTP response or use the 'allow' attribute on an iframe.

Directives: accelerometer, ambient-light-sensor, autoplay, battery, camera, display-capture, document-domain, encrypted-media, execution-while-not-rendered, execution-while-out-of-viewport, fullscreen, geolocation, gyroscope, layout-animations, legacy-image-formats, magnetometer, microphone, midi, navigation-override, oversized-images, payment, picture-in-picture, publickey-credentials, sync-xhr, usb, wake-lock, xr-spatial-tracking

Allowed Lists:
*: allowed in this document and all nested iframes of all origins
'self': allowed in this document and all nested iframes from the same origin
'src': allowed in this iframe as long as coming from the same origin as the iframe
'none': disabled in top-level and nested iframes
<origin(s)>: allowed in specific origins

To obtain the embedding code of a YouTube video for another site, click on the SHARE button below the video on YouTube. You can also embed the video directly by noting the ID (eg. RRvJ9ff0TUs, seen in the URL location box) of the YouTube video and formulating the embedding URL thereafter.

'picture-in-picture' is a feature that displays the video at a corner of the screen when the user navigates away from the original video, eg. away from the browser.

Content Security Policy	<<<	HOME PAGE	>>>	Special References
last update: 16 Jun 2024

MENU

Feature Policy