[#30491] - [4.0] Add new permissions-policy to the HTTPHeaders Plugin
- Fixed in Code Base
- 27 Aug 2020
- Medium
- Build: 4.0-dev
- # 30491
- Diff
- zero-24:permissionpolicy
User tests: Successful: Unsuccessful:
Pull Request for Issue w3c/webappsec-permissions-policy#379
Summary of Changes
The Feature-policy has been renamed to permissions-policy: w3c/webappsec-permissions-policy#379
More details:
https://www.chromestatus.com/feature/5745992911552512
https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/As1ABvc2QdA/yZSpPXY4CAAJ
Testing Instructions
Make sure you can now set feature-policy and permissions-policy.
Actual result BEFORE applying this Pull Request
We could only set feature-policy
Expected result AFTER applying this Pull Request
we can set feature + permissions-policy
Documentation Changes Required
Docpage has been updated: https://docs.joomla.org/J4.x:Http_Header_Management
| Status | New | ⇒ | Pending |
joomla-cms-bot
- | Category | ⇒ | Front End Plugins |
It is not listed as an option. I assume it is replacing feature policy and not in addition to.
In the doc page, the link is invalid for Feature-Policy / Permissions-Policy.
| Labels |
Added:
?
|
||
It is not listed as an option.
Fixed
I assume it is replacing feature policy and not in addition to.
Well yes and no. It is not shipped with the browsers yet and the old have to used for old browsers.
In the doc page, the link is invalid for Feature-Policy / Permissions-Policy.
I'm on it.
In the doc page, the link is invalid for Feature-Policy / Permissions-Policy.
fixed
Under Referrer-Policy and Cross-Origin-Opener-Policy, options are in lower case, but not under Force HTTP Headers. It can be changed as follows thus no need to add labels.
<option value="content-security-policy"></option>
<option value="content-security-policy-report-only"></option>
<option value="cross-origin-opener-policy"></option>
<option value="expect-ct"></option>
<option value="feature-policy"></option>
<option value="permissions-policy"></option>
<option value="referrer-policy"></option>
<option value="strict-transport-security"></option>
<option value="x-frame-options"></option>
Under
Referrer-PolicyandCross-Origin-Opener-Policy, options are in lower case, but not underForce HTTP Headers.
I can not follow you. I would like to keep the labels as they read better to me.
I have tested this item
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/30491.
I have tested this item
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/30491.
| Status | Pending | ⇒ | Ready to Commit |
RTC thanks
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/30491.
| Status | Ready to Commit | ⇒ | Fixed in Code Base |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2020-08-27 14:56:11 |
| Closed_By | ⇒ | Quy | |
| Labels |
Added:
?
|
||
I have tested this item✅ successfully on 0bcbdbb
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/30491.