| Details | |
|---|---|
| Alert ID | 10063-2 |
| Alert Type | Passive |
| Status | beta |
| Risk | Low |
| CWE | 16 |
| WASC | 15 |
| Technologies Targeted | All |
| Tags |
CWE-16 OWASP_2017_A05 OWASP_2021_A01 POLICY_PENTEST POLICY_QA_STD SYSTEMIC |
| More Info |
Scan Rule Help |
Summary
The header has now been renamed to Permissions-Policy.
Solution
Ensure that your web server, application server, load balancer, etc. is configured to set the Permissions-Policy header instead of the Feature-Policy header.Other Info
References
- https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Permissions-Policy
- https://scotthelme.co.uk/goodbye-feature-policy-and-hello-permissions-policy/