我在我的站点上的控制台中收到以下错误:
Error with Feature-Policy header: Unrecognized feature: 'unsized-media'.
Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
Error with Feature-Policy header: Unrecognized feature: 'speaker'.
Error with Feature-Policy header: Unrecognized feature: 'vr'.
我是一名前端 Web 开发人员,所以我试图按照此处的描述在 JS 中进行设置https://developers.google.com/web/updates/2018/06/feature-policy#js而不会弄乱我的服务器配置。
console.log(document.featurePolicy.allowedFeatures());
结果是:
["geolocation", "midi", "ch-ect", "usb", "magnetometer", "picture-in-picture", "publickey-credentials-get", "accelerometer", "ch-lang", "document-domain", "encrypted-media", "ch-downlink", "ch-ua-arch", "xr-spatial-tracking", "ch-ua-platform-version", "ch-width", "ch-ua-model", "sync-xhr", "camera", "ch-viewport-width", "payment", "ch-rtt", "ch-ua-full-version", "fullscreen", "autoplay", "ch-dpr", "ch-ua-platform", "screen-wake-lock", "gyroscope", "ch-ua-mobile", "ch-device-memory", "ch-ua", "microphone"]
还
document.featurePolicy.allowsFeature('unsized-media', 'self');
结果是:
Invalid origin url for feature 'unsized-media': self.
你不能。
功能策略由服务器设置(通过Feature-Policy或Permissions-Policy 标头)并控制允许 JavaScript 执行的操作。
如果 JavaScript 可以授予自己做它喜欢的任何事情的权限,那将毫无意义。