PermissionsPolicy missing some permissions #29
Assignees
Labels
enhancement
New feature or request
Comments
|
Great catch! It was intentional not to include some of the experimental permissions, though a couple must have slipped in. I agree that adding these with clear docstrings noting their experimental status would be helpful. I’ll get this into the next release. Thanks again! |
|
Thank you! Part of me was thinking it could be more helpful to have an allowlist here rather than a blocklist. My perspective is that I'd like to deny everything here unless I explicitly want that permission. Really, this is a deficiency of the Permissions-Policy header (there should be a way to deny all except those allowed), but it would be cool if the package could help with that. |
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
Hi,
I noticed the PermissionsPolicy doesn't have a few permissions like hid, identity-credentials-get, idle-detection, local-fonts, publickey-credentials-create, serial, storage-access, window-management.
Lots of these are experimental which might be why you've not included them, but other experimental permissions like
xr_spacial_tracking()is included, so maybe this is just an omission rather than intentional.The text was updated successfully, but these errors were encountered: