Dou*_*gui 6 google-chrome http-headers
我正在应用程序的 HTTP 标头中添加Feature-Policy。它运行良好,但我在 Chrome 上有这种消息:
Error with Feature-Policy header: Unrecognized feature: 'document-domain'.
Chrome 无法识别此功能,但 Firefox 可以识别此功能。此消息会导致应用程序测试套件出现问题。
我检查了我们可以与 Chrome 一起使用的开关列表,但没有找到合适的开关。我知道根据所使用的浏览器可能会更改标题,但这很麻烦。理想的做法是在标题中添加一些内容。
最好的解决方案是什么?
You need to use correct (newer) version of Chrome
See table of Feature-Policy features vs. version of Chrome, that accepts them https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md
I've just tested with current Chrome versions
With header like
feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
If you're unable to use newer Chrome version, CLI flag mentioned in linked w3c document, should help you
--enable-blink-features=ExperimentalProductivityFeatures
Also, be careful with how the header is formulated, some of the features changed name over time (eg. vr (old) => xr-spatial-tracking (new))
And the origin must be correctly enclosed by single-quotes
# wrong
Feature-Policy: autoplay self; camera none;
# correct
Feature-Policy: autoplay 'self'; camera 'none';
最后但并非最不重要的一点是,Feature-Policy标头似乎将被重命名为Permissions-Policy,并且声明允许的功能来源的语法也将发生变化
请参阅参考:
| 归档时间: |
|
| 查看次数: |
3042 次 |
| 最近记录: |