Permissions-Policy: attribution-reporting
Limited availability
This feature is not Baseline because it does not work in some of the most widely-used browsers.
Experimental: This is an experimental technology
Check the Browser compatibility table carefully before using this in production.
The HTTP Permissions-Policy
header attribution-reporting
directive controls whether the current document is allowed to use the Attribution Reporting API.
Specifically, where a defined policy blocks the use of this feature:
- Background
attributionsrc
requests won't be made. - The
XMLHttpRequest.setAttributionReporting()
method will throw an exception when called. - The
attributionReporting
option, when included on afetch()
call, will cause it to throw an exception. - Registration headers (
Attribution-Reporting-Register-Source
andAttribution-Reporting-Register-Trigger
) in HTTP responses on associated documents will be ignored.
Syntax
http
Permissions-Policy: attribution-reporting=<allowlist>;
<allowlist>
-
A list of origins for which permission is granted to use the feature. See
Permissions-Policy
> Syntax for more details.
Default policy
The default allowlist for attribution-reporting
is *
.
Specifications
Specification |
---|
Attribution Reporting # permission-policy-integration |
Browser compatibility
BCD tables only load in the browser