philpursglove
commented
6 years ago Looking at Scott Helme's blog and the feature names he uses in his examples vs. the feature names listed here, I think this needs to wait a bit until Feature Policy is a bit more done that it currently is. (That said, I think for almost every feature our policy just needs to run it off...)
Add a http header for Feature Policy - see https://scotthelme.co.uk/a-new-security-header-feature-policy/
Extend the existing SecurityHeadersFilter to add Feature-Policy.