A new security header: Feature Policy

Feature Policy is being created to allow site owners to enable and disable certain web platform features on their own pages and those they embed. Being able to restrict the features your site can use is really nice but being able to restrict features that sites you embed can use is an even better protection to have.

Intéressant : il existe des en-têtes HTTP pour spécifier ce que les iframes/scripts ont le droit d’activer sur votre site : géolocalisation, notifications, etc.