clelland
commented
1 year ago FYI, after talking with @arichiv, I've removed the special handling for the * pseudo-feature for now. We can look at adding it at a later date, or perhaps some different mechanism for setting the default endpoint.
This is a fairly large change, which adds proper support for reporting and a report-only mode to Permissions Policy. Reporting can be configured for individual features, with a new "report-to" parameter on the header declarations.
The Permissions-Policy-Report-Only header allows a parallel policy to be constructed, which will generate warning reports (with a "Report" disposition) but which will not cause use of the feature to be blocked.
Preview | Diff