All fix guides

How to set a Permissions-Policy

Control which powerful browser features (camera, mic, geolocation) your site and its embeds can use.

What it is

Permissions-Policy (formerly Feature-Policy) restricts access to sensitive browser APIs per origin.

Why it matters

Without it, embedded third-party content can request camera, microphone, or location access under your domain's name.

How to fix it

  1. 1Add a restrictive header, e.g. `Permissions-Policy: camera=(), microphone=(), geolocation=()`.
  2. 2Explicitly allow only the features you use, scoped to the origins that need them.
  3. 3Re-scan to confirm.

Not sure if your site is affected?

Run a free scan — or let us fix it all for you.

Privacy and cookie preferences

We use strictly necessary cookies to run the site. Analytics, marketing, and AI assistant telemetry are optional and disabled until you choose. You can update consent any time in Cookie Settings.

Some infrastructure cookies, such as load balancer routing cookies, are essential for service delivery. Details: Cookie Policy