Permissions-Policy (Feature-Policy) monitoring explained

What it is

Permissions-Policy (formerly Feature-Policy) is an HTTP response header that controls which browser features and APIs (camera, microphone, geolocation, etc.) can be used by your page and embedded frames.

Why it matters

Restricting unnecessary features reduces attack surface and prevents embedded content from using sensitive APIs. Monitoring ensures the header is present and correctly scoped so you don't accidentally allow features you don't need.

How Barrion checks it

Barrion inspects the Permissions-Policy (and legacy Feature-Policy) response header. We report when it is missing or when high-risk features are allowed broadly. This is a passive header check only.
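
The sketch below is an added example of such a passive check, not Barrion's code. It assumes "high-risk" means the three features this page names and "allowed broadly" means the wildcard allowlist (*); the function names and sample responses are constructed for illustration.

```python
import re

# Assumptions for this example: "high-risk" is the set of features the page
# names, and "allowed broadly" means the wildcard allowlist (*).
HIGH_RISK = ("camera", "geolocation", "microphone")

def parse_permissions_policy(value):
    """Parse 'camera=(), geolocation=(self "https://a.example")' into
    {feature: [allowlist tokens]}; an empty list means the feature is disabled."""
    policy = {}
    pattern = r'([a-z][a-z0-9-]*)\s*=\s*(?:\(([^)]*)\)|([^,;\s]+))'
    for name, inner, bare in re.findall(pattern, value):
        policy[name] = [bare] if bare else inner.split()
    return policy

def parse_feature_policy(value):
    """Parse the legacy syntax: camera 'none'; geolocation 'self' https://a.example"""
    policy = {}
    for directive in value.split(";"):
        tokens = directive.split()
        if tokens:
            allow = [t.strip("'") for t in tokens[1:]]
            policy[tokens[0].lower()] = [] if "none" in allow else allow
    return policy

def check_headers(headers):
    """Return findings for one response's headers (passive: nothing is sent)."""
    h = {k.lower(): v for k, v in headers.items()}
    if "permissions-policy" in h:
        policy = parse_permissions_policy(h["permissions-policy"])
    elif "feature-policy" in h:
        policy = parse_feature_policy(h["feature-policy"])
    else:
        return ["missing: no Permissions-Policy or Feature-Policy header"]
    return [f"broad: {f} is allowed for every origin (*)"
            for f in HIGH_RISK if "*" in policy.get(f, [])]

# Constructed sample responses, not captured from a real site.
SAMPLES = {
    "locked down": {"Permissions-Policy": "camera=(), microphone=(), geolocation=()"},
    "wildcard": {"Permissions-Policy": 'camera=(), microphone=*, geolocation=(self "https://maps.example")'},
    "legacy only": {"Feature-Policy": "camera *; microphone 'none'; geolocation 'self'"},
    "no header": {"Content-Type": "text/html"},
}

if __name__ == "__main__":
    for label, headers in SAMPLES.items():
        print(label, "->", check_headers(headers) or "ok")
```

A feature that is absent from the header is not flagged here, because the browser then applies that feature's default allowlist rather than a wildcard.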


© 2025-2026 Barrion AB (559569-0917) - All Rights Reserved.