Permissions-Policy (Feature-Policy) monitoring explained

What it is

Permissions-Policy (formerly Feature-Policy) is an HTTP response header that controls which browser features and APIs (camera, microphone, geolocation, etc.) can be used by your page and embedded frames.

Why it matters

Restricting unnecessary features reduces attack surface and prevents embedded content from using sensitive APIs. Monitoring ensures the header is present and correctly scoped so you don't accidentally allow features you don't need.

How Barrion checks it

Barrion inspects the Permissions-Policy (and legacy Feature-Policy) response header. We report when it is missing or when high-risk features are allowed broadly. Passive header check only.

Run this check →Fix guide

Related

Secure Your Company's Web Apps

Trusted by CTOs, dev teams, and agencies for compliance monitoring and audit-ready security reports.
Get detailed security reports with actionable fixes in under 60 seconds.

Barrion logo icon

Barrion delivers automated security scans and real-time monitoring to keep your applications secure.

Quick Links

For teams

Company

Contact us

Have questions or need assistance? Reach out to our team for support.

[email protected]
Send email icon

© 2025 Barrion AB (559569-0917) - All Rights Reserved.