add Permissions-Policy #7

Merged

meaz merged 2 commits from Permissions_policy into master

2021-04-17 07:38:20 +02:00

meaz commented

2021-04-16 09:16:24 +02:00

Owner

Block google Floc https://plausible.io/blog/google-floc

muppeth was assigned by meaz

2021-04-16 09:16:24 +02:00

antilopa was assigned by meaz

2021-04-16 09:16:24 +02:00

meaz added 1 commit 2021-04-16 09:16:26 +02:00

08ec367e61

add Permissions-Policy

muppeth commented

2021-04-16 10:09:21 +02:00

Owner

Great. Thanks @meaz I would however use opt-out scenario instead of opt in. Same as we do with for example xss:

{% if item.permission_policy is defined and item.permission_policy == 'none' %}
{% else %}
  add_header Permissions-Policy "geolocation=(),interest-cohort=()";
{% endif %}

In that way we block that shit by default and dont need to adjust all vhosts everywhere and only enable if we want to allow it.

Great. Thanks @meaz I would however use opt-out scenario instead of opt in. Same as we do with for example xss: ``` {% if item.permission_policy is defined and item.permission_policy == 'none' %} {% else %} add_header Permissions-Policy "geolocation=(),interest-cohort=()"; {% endif %} ``` In that way we block that shit by default and dont need to adjust all vhosts everywhere and only enable if we want to allow it.

meaz added 1 commit 2021-04-16 10:13:16 +02:00

ee1b806873

block per default

meaz commented

2021-04-16 10:13:22 +02:00

Author

Owner

done

muppeth approved these changes 2021-04-16 10:24:26 +02:00