Closed miketheman closed 1 year ago
When performing responses to users, set the Permissions-Policy header to inform the browser that the only functions we actually care about are related to WebAuthN, and nothing else.
Refs: https://developer.mozilla.org/en-US/docs/Web/HTTP/Permissions_Policy Refs: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permissions-Policy
When performing responses to users, set the Permissions-Policy header to inform the browser that the only functions we actually care about are related to WebAuthN, and nothing else.
Refs: https://developer.mozilla.org/en-US/docs/Web/HTTP/Permissions_Policy Refs: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permissions-Policy