Feature-Policy security header for the whonix.org website

Feature-Policy is deprecated and replaced with Permissions Policy:


1 Like

Similar to Whonix website security rating - "B" (Mozilla Observatory) - Content Security Policy (CSP).

Browsers don’t support permission policy yet and there’s no documentation (that I understand with reasonable time spent) on how to use it.

Quote https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policy



This is an experimental technology
Check the Browser compatibility table carefully before using this in production.


The header has now been renamed to Permissions-Policy in the spec, and this article will eventually be updated to reflect that change.

Once that changes, I will look into it. Waiting for major browser supporting and documenting that such as Mozilla MDN.

1 Like

Similar to COEP COOP CORP CORS CORB security headers for whonix.org.

1 Like

looks working good on main website and forums.

Patrick via Whonix Forum:

1 Like
[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Contributors] [Investors] [Priority Support] [Professional Support]