add permissionsPolicy and deprecate featurePolicy

2021-06-21 21:16:13 +08:00 · 2021-06-21 21:16:13 +08:00 · dca348359b
commit dca348359b
parent cf0759a48f
14 changed files with 42 additions and 11 deletions
--- a/pkg/middlewares/headers/headers.go
+++ b/pkg/middlewares/headers/headers.go
@ -30,6 +30,9 @@ func handleDeprecation(ctx context.Context, cfg *dynamic.Headers) {
 	if cfg.SSLForceHost {
 		log.FromContext(ctx).Warn("SSLForceHost is deprecated, please use RedirectScheme middleware instead.")
 	}
+	if cfg.FeaturePolicy != "" {
+		log.FromContext(ctx).Warn("FeaturePolicy is deprecated, please use PermissionsPolicy header instead.")
+	}
 }

 type headers struct {
--- a/pkg/middlewares/headers/secure.go
+++ b/pkg/middlewares/headers/secure.go
@ -37,6 +37,7 @@ func newSecure(next http.Handler, cfg dynamic.Headers, contextKey string) *secur
 		SSLProxyHeaders:         cfg.SSLProxyHeaders,
 		STSSeconds:              cfg.STSSeconds,
 		FeaturePolicy:           cfg.FeaturePolicy,
+		PermissionsPolicy:       cfg.PermissionsPolicy,
 		SecureContextKey:        contextKey,
 	}

--- a/pkg/middlewares/headers/secure_test.go
+++ b/pkg/middlewares/headers/secure_test.go
@ -130,6 +130,13 @@ func Test_newSecure_modifyResponse(t *testing.T) {
 			},
 			expected: http.Header{"Feature-Policy": []string{"vibrate 'none';"}},
 		},
+		{
+			desc: "PermissionsPolicy",
+			cfg: dynamic.Headers{
+				PermissionsPolicy: "microphone=(),",
+			},
+			expected: http.Header{"Permissions-Policy": []string{"microphone=(),"}},
+		},
 		{
 			desc: "STSSeconds",
 			cfg: dynamic.Headers{