Permissions Policy Header Not Set
- Risk:
Low
- Type:
- Passive
- CWE:
- CWE-693
- Summary
Permissions Policy Header is an added layer of security that helps to restrict from unauthorized access or usage of browser/client features by web resources. This policy ensures the user privacy by limiting or specifying the features of the browsers can be used by the web resources. Permissions Policy provides a set of standard HTTP headers that allow website owners to limit which features of browsers can be used by the page such as camera, microphone, location, full screen etc.
- Solution
Ensure that your web server, application server, load balancer, etc. is configured to set the Permissions-Policy header.
Free security scan for your website