checklist.day

Permissions Policy Middleware

JSON →
library 0.6.0 ·javascript
verified May 27, 2026
http-networkingauth-securityweb-framework

The `permissions-policy` package provides Express and Connect middleware for managing the `Permissions-Policy` HTTP header. This header controls which browser features and APIs (like camera, microphone, geolocation) are available to a document and its iframes, enhancing web security. It is the modern successor to the deprecated `Feature-Policy` header and is built upon the foundational work of Evan Hahn, a well-known contributor to web security middleware (e.g., Helmet). Currently stable at version 0.6.0, the package receives periodic updates, with recent releases focusing on improved ESM exports and increased flexibility in defining policy directives. Its primary differentiator is its dedicated, streamlined focus on this single, crucial security header, making it an ideal component for integration into broader security middleware suites.

Traffic · last 30 days ↓82% vs prev 7d · indexed Thu Apr 23 · updated Sun Jun 07

total hits 28
actors 9 distinct systems
last hit 3d ago human
MetaBot
4
GPTBot
2
Script
1
ClaudeBot
1
Search engines
2
Humans
2

top countries 🇺🇸 United States · 🇩🇪 Germany · 🇫🇷 France · 🇨🇦 Canada · 🇸🇪 Sweden

Resources

githubgithub.com/pedro-gbf/permissions-policy ↗
packagewww.npmjs.com/package/permissions-policy ↗
homepagehelmetjs.github.io ↗

API endpoints

full doc /v1/registry/permissions-policy
install /v1/registry/permissions-policy/install
compatibility /v1/registry/permissions-policy/compatibility