@jackdbd/eleventy-plugin-permissions-policy NPM

@jackdbd/eleventy-plugin-permissions-policy

Snyk Vulnerabilities for npm package

Eleventy plugin for the Permissions-Policy and Feature-Policy headers.

Installation

npm install --save-dev @jackdbd/eleventy-plugin-permissions-policy

Usage

const { permissionsPolicyPlugin } = require('@jackdbd/eleventy-plugin-permissions-policy')

module.exports = function (eleventyConfig) {
  // some eleventy configuration...

  eleventyConfig.addPlugin(permissionsPolicyPlugin, {
    directives: [
      { feature: 'autoplay', allowlist: ['*'] },
      { feature: 'geolocation', allowlist: ['self'] },
      { feature: 'camera', allowlist: ['self', 'https://trusted-site.example'] },
      { feature: 'fullscreen', allowlist: [] }
    ],
    includeFeaturePolicy: true
  })

  // some more eleventy configuration...
}

Configuration

Read these resources to understand how to configure these HTTP response headers.

Required parameters

None.

Options

Option	Default	Explanation
`directives`	`[]`	Policy directives.
`excludePatterns`	`[]`	Files that match these patterns will not be served with the Permissions-Policy header (nor with the Feature-Policy header, if generated).
`includePatterns`	`['/', '/*/']`	Files that match these patterns will be served with the Permissions-Policy header (and also with the Feature-Policy header, if generated).
`jsonRecap`	`false`	Whether to write a JSON containing the configuration of this plugin. This can useful for troubleshooting the permissions policy and/or to consume it with some other tool.
`includeFeaturePolicy`	`true`	Whether to generate also a Feature-Policy header.