Permissions-Policy

Checks for the presence of the 'Permissions-Policy' header, which helps protect your users by limiting certain browser features.

The Permissions-Policy header allows a website to specify which features of the web browser should be permitted to function. This can help improve the user's privacy (ex: disabling the microphone) and it can also be used to enforce best practices (ex: blocking oversized images). This header has been renamed from "Feature-Policy", and the old naming currently has more browser support. We recommend including both headers for now, and then removing the older "Feature-Policy" header in the future once the transition has been completed.

This test will check for the existence of this header and then parse the contents to make sure there aren't any syntax errors. No particular values are preferred, since this is highly dependent on the particulars of each website.

For more information, please read our documentation for the Permissions-Policy header or read our article on Security Headers to learn about this and other important server settings.

Ready to validate your website for this test and 100+ others?