Document Policy restricts the surface area of the web platform on a per-document basis, similar to iframe sandboxing, but more flexibly. It can do things like: - Restrict the use of poorly-performing images - Disable slow synchronous JS APIs - Configure iframe, image, or script loading styles - Restrict overall document sizes or network usage - Restrict patterns which cause page re-layout This is just the HTTP header used to set a policy on a document, separate from any features.
(Mostly see the Document Policy feature for motivation) In addition to the items listed in the summary, the header will be immediately important for allowing sites to opt out of fragment and text-fragment scrolling on load, as a privacy mitigation for the Scroll-to-text-fragment feature.
Specification being incubated in a Community Group
Status in Chromium
Enabled by default
Consensus & Standardization
- No signal
- No signals
Intent to Prototype urlIntent to Prototype thread
Last updated on 2022-01-14