Web Policies & Reporting

F
Felix Arntz
Felix Arntz / WordCamp Nordic 2019 Web Policies & Reporting Defining Contracts Between Your Site and the Browser
The web is constantly evolving ● Responsive Images ● AJAX Requests ● Geolocation Integration ● Add to Home Screen ● Web Payments ● ...
Web Features, being used in the wild (don’t worry, my site is actually not that terrible)
So we have all these cool features, but how do we use them responsibly?
Feature Policy https://w3c.github.io/webappsec-feature-policy/
Example: Geolocation Feature-Policy: geolocation 'none'
Example: Oversized images Feature-Policy: oversized-images 'none'
Example: Oversized images Feature-Policy: oversized-images 'none'
More Supported Features ● autoplay 'none' ● lazyload ● sync-xhr 'none' ● camera 'none' (coming soon) ● fullscreen 'none' (coming soon) ● ... Try it at feature-policy-demos.appspot.com
Current Browser Support ● Chrome 60+ ● Safari 11.1+ ● Opera 47+ See full browser support caniuse.com/#feat=feature-policy
Reporting API https://w3c.github.io/reporting/
Example Report-To: { "group": "default", "max_age": 10886400, "endpoints": [{ "url": "https://example.com/wp-json/reporting-api" }] }
Supported Report Types ● csp ● crash ● deprecation ● network-error ● feature-policy-violation (coming soon, see crbug.com/867471) ● ...
Current Browser Support ● Chrome 69+
What about WordPress?
Feature Policy for WordPress wordpress.org/plugins/feature-policy/
Reporting API for WordPress wordpress.org/plugins/reporting-api/
Further Reading & Experimenting ● https://developers.google.com/web/updates/2018/06/feature-policy ● https://developers.google.com/web/updates/2018/09/reportingapi ● https://developers.google.com/web/updates/2018/07/reportingobserver ● https://featurepolicy.rocks ● Try the WordPress plugins and give feedback!
Proprietary + Confidential Thank You Felix Arntz @felixarntz
1 of 19

Web Policies & Reporting

Internet

Originally presented at WordCamp Nordic 2019

F
Felix Arntz

Recommended

Leveraging the Power of Custom Elements in Gutenberg by
Leveraging the Power of Custom Elements in GutenbergLeveraging the Power of Custom Elements in Gutenberg
Leveraging the Power of Custom Elements in GutenbergFelix Arntz
2.1K views35 slides
The WordPress Performance Team by
The WordPress Performance TeamThe WordPress Performance Team
The WordPress Performance TeamFelix Arntz
562 views11 slides
Interoperability of components built with different frameworks by
Interoperability of components built with different frameworksInteroperability of components built with different frameworks
Interoperability of components built with different frameworksSouvik Basu
86 views12 slides
Blazor v1.1 by
Blazor v1.1Blazor v1.1
Blazor v1.1Juan Luis Guerrero Minero
3.1K views39 slides
Nuxt로 사내서비스 구현하면서 얻은 경험 공유 by
Nuxt로 사내서비스 구현하면서 얻은 경험 공유Nuxt로 사내서비스 구현하면서 얻은 경험 공유
Nuxt로 사내서비스 구현하면서 얻은 경험 공유민환 조
6.5K views22 slides
Serverless preview environments to the rescue by
Serverless preview environments to the rescueServerless preview environments to the rescue
Serverless preview environments to the rescueJoseph Lust
207 views15 slides

More Related Content

What's hot

Unscrambling An Omelette - How Companies Can Use WordPress Better - Jeremy Ke... by
Unscrambling An Omelette - How Companies Can Use WordPress Better - Jeremy Ke...Unscrambling An Omelette - How Companies Can Use WordPress Better - Jeremy Ke...
Unscrambling An Omelette - How Companies Can Use WordPress Better - Jeremy Ke...WordCamp Sydney
474 views15 slides
Make Local WordPress Development Simple by
Make Local WordPress Development SimpleMake Local WordPress Development Simple
Make Local WordPress Development SimpleWP Engine
900 views28 slides
J&Js adventures with agency best practice & the hybrid MVC framework - Umbrac... by
J&Js adventures with agency best practice & the hybrid MVC framework - Umbrac...J&Js adventures with agency best practice & the hybrid MVC framework - Umbrac...
J&Js adventures with agency best practice & the hybrid MVC framework - Umbrac...Jeavon Leopold
966 views16 slides
Webpack & React Performance in 16+ Steps by
Webpack & React Performance in 16+ StepsWebpack & React Performance in 16+ Steps
Webpack & React Performance in 16+ StepsGrgur Grisogono
4.9K views63 slides
Caching Tips & Tricks by
Caching Tips & TricksCaching Tips & Tricks
Caching Tips & TricksOutSystems
237 views15 slides
WordPress with WP Engine and the Agency Partner Program: Getting Set Up by
WordPress with WP Engine and the Agency Partner Program: Getting Set UpWordPress with WP Engine and the Agency Partner Program: Getting Set Up
WordPress with WP Engine and the Agency Partner Program: Getting Set UpWP Engine
1.2K views31 slides

What's hot(20)

Unscrambling An Omelette - How Companies Can Use WordPress Better - Jeremy Ke... by WordCamp Sydney
Unscrambling An Omelette - How Companies Can Use WordPress Better - Jeremy Ke...Unscrambling An Omelette - How Companies Can Use WordPress Better - Jeremy Ke...
Unscrambling An Omelette - How Companies Can Use WordPress Better - Jeremy Ke...
WordCamp Sydney474 views
Make Local WordPress Development Simple by WP Engine
Make Local WordPress Development SimpleMake Local WordPress Development Simple
Make Local WordPress Development Simple
WP Engine900 views
J&Js adventures with agency best practice & the hybrid MVC framework - Umbrac... by Jeavon Leopold
J&Js adventures with agency best practice & the hybrid MVC framework - Umbrac...J&Js adventures with agency best practice & the hybrid MVC framework - Umbrac...
J&Js adventures with agency best practice & the hybrid MVC framework - Umbrac...
Jeavon Leopold966 views
Webpack & React Performance in 16+ Steps by Grgur Grisogono
Webpack & React Performance in 16+ StepsWebpack & React Performance in 16+ Steps
Webpack & React Performance in 16+ Steps
Grgur Grisogono4.9K views
Caching Tips & Tricks by OutSystems
Caching Tips & TricksCaching Tips & Tricks
Caching Tips & Tricks
OutSystems237 views
WordPress with WP Engine and the Agency Partner Program: Getting Set Up by WP Engine
WordPress with WP Engine and the Agency Partner Program: Getting Set UpWordPress with WP Engine and the Agency Partner Program: Getting Set Up
WordPress with WP Engine and the Agency Partner Program: Getting Set Up
WP Engine1.2K views
Don't let FaaS do a BaaS job by Tessa Mero
Don't let FaaS do a BaaS jobDon't let FaaS do a BaaS job
Don't let FaaS do a BaaS job
Tessa Mero343 views
Web Based Development Introduction by Edy Segura
Web Based Development IntroductionWeb Based Development Introduction
Web Based Development Introduction
Edy Segura2K views
Going Node.js at Netflix by micahr
Going Node.js at NetflixGoing Node.js at Netflix
Going Node.js at Netflix
micahr14.6K views
Server Side React for WordPress by Muhammad Muhsin @ The JavaScript for WordP... by rtCamp
Server Side React for WordPress by Muhammad Muhsin @ The JavaScript for WordP...Server Side React for WordPress by Muhammad Muhsin @ The JavaScript for WordP...
Server Side React for WordPress by Muhammad Muhsin @ The JavaScript for WordP...
rtCamp 3.2K views
Automated perf optimization - jQuery Conference by Matthew Lancaster
Automated perf optimization - jQuery ConferenceAutomated perf optimization - jQuery Conference
Automated perf optimization - jQuery Conference
Matthew Lancaster4.5K views
The JAMStack (Javascript, APIs, Markup). by Michael Brooks
The JAMStack (Javascript, APIs, Markup).The JAMStack (Javascript, APIs, Markup).
The JAMStack (Javascript, APIs, Markup).
Michael Brooks164 views
Universal React apps in Next.js by 🐕 Łukasz Ostrowski
Universal React apps in Next.jsUniversal React apps in Next.js
Universal React apps in Next.js
🐕 Łukasz Ostrowski2K views
Introduction to Vue.js DevStaff Meetup 13.02 by Paul Bele
Introduction to Vue.js DevStaff Meetup 13.02Introduction to Vue.js DevStaff Meetup 13.02
Introduction to Vue.js DevStaff Meetup 13.02
Paul Bele40 views
Branching Your Way to Low-Code Perfection by OutSystems
Branching Your Way to Low-Code PerfectionBranching Your Way to Low-Code Perfection
Branching Your Way to Low-Code Perfection
OutSystems155 views
KubeCon NA - 2021 Tools That I Wish Existed 3 Years Ago To Build a SaaS Offering by Mauricio (Salaboy) Salatino
KubeCon NA - 2021 Tools That I Wish Existed 3 Years Ago To Build a SaaS OfferingKubeCon NA - 2021 Tools That I Wish Existed 3 Years Ago To Build a SaaS Offering
KubeCon NA - 2021 Tools That I Wish Existed 3 Years Ago To Build a SaaS Offering
Mauricio (Salaboy) Salatino294 views
A Lap around ASP.NET 5 - VConf by Sam Basu
A Lap around ASP.NET 5 - VConfA Lap around ASP.NET 5 - VConf
A Lap around ASP.NET 5 - VConf
Sam Basu644 views
PostCSS - process CSS in a modular way. by Andreas Sahle
PostCSS - process CSS in a modular way.PostCSS - process CSS in a modular way.
PostCSS - process CSS in a modular way.
Andreas Sahle1.7K views
Developing SPI applications using Grails and AngularJS by Alvaro Sanchez-Mariscal
Developing SPI applications using Grails and AngularJSDeveloping SPI applications using Grails and AngularJS
Developing SPI applications using Grails and AngularJS
Alvaro Sanchez-Mariscal8.6K views
Build fast word press site in react in 30 mins with frontity by Imran Sayed
Build fast word press site in react in 30 mins with frontityBuild fast word press site in react in 30 mins with frontity
Build fast word press site in react in 30 mins with frontity
Imran Sayed105 views

Similar to Web Policies & Reporting

20 tips for website performance by
20 tips for website performance20 tips for website performance
20 tips for website performanceAndrew Siemer
103 views61 slides
Meet.js Summit 2019 - PWA in practice by
Meet.js Summit 2019 - PWA in practiceMeet.js Summit 2019 - PWA in practice
Meet.js Summit 2019 - PWA in practiceŁukasz Romanowicz
355 views40 slides
Performance Optimization for Mobile Web | Fresh Tilled Soil by
Performance Optimization for Mobile Web | Fresh Tilled SoilPerformance Optimization for Mobile Web | Fresh Tilled Soil
Performance Optimization for Mobile Web | Fresh Tilled SoilFresh Tilled Soil
548 views39 slides
Educate 2017: Quick 'n Lazy: How we keep things speedy while staying out of y... by
Educate 2017: Quick 'n Lazy: How we keep things speedy while staying out of y...Educate 2017: Quick 'n Lazy: How we keep things speedy while staying out of y...
Educate 2017: Quick 'n Lazy: How we keep things speedy while staying out of y...Learnosity
300 views59 slides
JAMstack with gatsby, contentful and netlify aka the dream stack by
JAMstack with gatsby, contentful and netlify aka the dream stackJAMstack with gatsby, contentful and netlify aka the dream stack
JAMstack with gatsby, contentful and netlify aka the dream stackzonathen
282 views33 slides
Building SPAs with AngularJS by
Building SPAs with AngularJSBuilding SPAs with AngularJS
Building SPAs with AngularJSCezar Carneiro
558 views20 slides

Similar to Web Policies & Reporting(20)

20 tips for website performance by Andrew Siemer
20 tips for website performance20 tips for website performance
20 tips for website performance
Andrew Siemer103 views
Meet.js Summit 2019 - PWA in practice by Łukasz Romanowicz
Meet.js Summit 2019 - PWA in practiceMeet.js Summit 2019 - PWA in practice
Meet.js Summit 2019 - PWA in practice
Łukasz Romanowicz355 views
Performance Optimization for Mobile Web | Fresh Tilled Soil by Fresh Tilled Soil
Performance Optimization for Mobile Web | Fresh Tilled SoilPerformance Optimization for Mobile Web | Fresh Tilled Soil
Performance Optimization for Mobile Web | Fresh Tilled Soil
Fresh Tilled Soil548 views
Educate 2017: Quick 'n Lazy: How we keep things speedy while staying out of y... by Learnosity
Educate 2017: Quick 'n Lazy: How we keep things speedy while staying out of y...Educate 2017: Quick 'n Lazy: How we keep things speedy while staying out of y...
Educate 2017: Quick 'n Lazy: How we keep things speedy while staying out of y...
Learnosity300 views
JAMstack with gatsby, contentful and netlify aka the dream stack by zonathen
JAMstack with gatsby, contentful and netlify aka the dream stackJAMstack with gatsby, contentful and netlify aka the dream stack
JAMstack with gatsby, contentful and netlify aka the dream stack
zonathen282 views
Building SPAs with AngularJS by Cezar Carneiro
Building SPAs with AngularJSBuilding SPAs with AngularJS
Building SPAs with AngularJS
Cezar Carneiro558 views
Utilizing HTML5 APIs by Ido Green
Utilizing HTML5 APIsUtilizing HTML5 APIs
Utilizing HTML5 APIs
Ido Green4.6K views
Modern Web Applications Utilizing HTML5 (Dev Con TLV 06-2013) by Ido Green
Modern Web Applications Utilizing HTML5 (Dev Con TLV 06-2013)Modern Web Applications Utilizing HTML5 (Dev Con TLV 06-2013)
Modern Web Applications Utilizing HTML5 (Dev Con TLV 06-2013)
Ido Green890 views
Location Based Services Without the Cocoa by EDINA, University of Edinburgh
Location Based Services Without the CocoaLocation Based Services Without the Cocoa
Location Based Services Without the Cocoa
EDINA, University of Edinburgh726 views
That's Web? Extreme Optimization for the Mobile Web (Oct 2012) by Glan Thomas
That's Web? Extreme Optimization for the Mobile Web (Oct 2012)That's Web? Extreme Optimization for the Mobile Web (Oct 2012)
That's Web? Extreme Optimization for the Mobile Web (Oct 2012)
Glan Thomas922 views
Desarrollo de apps multiplataforma con tecnologías web by Software Guru
Desarrollo de apps multiplataforma con tecnologías webDesarrollo de apps multiplataforma con tecnologías web
Desarrollo de apps multiplataforma con tecnologías web
Software Guru1.6K views
Sg conference multiplatform_apps_adam_stanley by n_adam_stanley
Sg conference multiplatform_apps_adam_stanleySg conference multiplatform_apps_adam_stanley
Sg conference multiplatform_apps_adam_stanley
n_adam_stanley781 views
Modern Web Applications Utilizing HTML5 APIs by Ido Green
Modern Web Applications Utilizing HTML5 APIsModern Web Applications Utilizing HTML5 APIs
Modern Web Applications Utilizing HTML5 APIs
Ido Green4.5K views
Generic-resume by Dan WEATHERBEE
Generic-resumeGeneric-resume
Generic-resume
Dan WEATHERBEE63 views
Building your own calendly using amazon app sync by Dhaval Nagar
Building your own calendly using amazon app syncBuilding your own calendly using amazon app sync
Building your own calendly using amazon app sync
Dhaval Nagar159 views
Web applications support on AGL by Igalia
Web applications support on AGLWeb applications support on AGL
Web applications support on AGL
Igalia43 views
Making Single Page Applications (SPA) faster by Boris Livshutz
Making Single Page Applications (SPA) faster Making Single Page Applications (SPA) faster
Making Single Page Applications (SPA) faster
Boris Livshutz1.9K views
Velocity spa faster_092116 by Manuel Alvarez
Velocity spa faster_092116Velocity spa faster_092116
Velocity spa faster_092116
Manuel Alvarez418 views
"Progressive Web Apps" by Riza Fahmi (Hacktiv8) by Tech in Asia ID
"Progressive Web Apps" by Riza Fahmi (Hacktiv8)"Progressive Web Apps" by Riza Fahmi (Hacktiv8)
"Progressive Web Apps" by Riza Fahmi (Hacktiv8)
Tech in Asia ID313 views
Progressive Web Apps. What, why and how by Riza Fahmi
Progressive Web Apps. What, why and howProgressive Web Apps. What, why and how
Progressive Web Apps. What, why and how
Riza Fahmi2.5K views

Recently uploaded

Building trust in our information ecosystem: who do we trust in an emergency by
Building trust in our information ecosystem: who do we trust in an emergencyBuilding trust in our information ecosystem: who do we trust in an emergency
Building trust in our information ecosystem: who do we trust in an emergencyTina Purnat
110 views18 slides
information by
informationinformation
informationkhelgishekhar
10 views4 slides
How to think like a threat actor for Kubernetes.pptx by
How to think like a threat actor for Kubernetes.pptxHow to think like a threat actor for Kubernetes.pptx
How to think like a threat actor for Kubernetes.pptxLibbySchulze1
5 views33 slides
Affiliate Marketing by
Affiliate MarketingAffiliate Marketing
Affiliate MarketingNavin Dhanuka
17 views30 slides
IETF 118: Starlink Protocol Performance by
IETF 118: Starlink Protocol PerformanceIETF 118: Starlink Protocol Performance
IETF 118: Starlink Protocol PerformanceAPNIC
414 views22 slides
The Dark Web : Hidden Services by
The Dark Web : Hidden ServicesThe Dark Web : Hidden Services
The Dark Web : Hidden ServicesAnshu Singh
14 views24 slides

Recently uploaded(9)

Building trust in our information ecosystem: who do we trust in an emergency by Tina Purnat
Building trust in our information ecosystem: who do we trust in an emergencyBuilding trust in our information ecosystem: who do we trust in an emergency
Building trust in our information ecosystem: who do we trust in an emergency
Tina Purnat110 views
information by khelgishekhar
informationinformation
information
khelgishekhar10 views
How to think like a threat actor for Kubernetes.pptx by LibbySchulze1
How to think like a threat actor for Kubernetes.pptxHow to think like a threat actor for Kubernetes.pptx
How to think like a threat actor for Kubernetes.pptx
LibbySchulze15 views
Affiliate Marketing by Navin Dhanuka
Affiliate MarketingAffiliate Marketing
Affiliate Marketing
Navin Dhanuka17 views
IETF 118: Starlink Protocol Performance by APNIC
IETF 118: Starlink Protocol PerformanceIETF 118: Starlink Protocol Performance
IETF 118: Starlink Protocol Performance
APNIC414 views
The Dark Web : Hidden Services by Anshu Singh
The Dark Web : Hidden ServicesThe Dark Web : Hidden Services
The Dark Web : Hidden Services
Anshu Singh14 views
Marketing and Community Building in Web3 by Federico Ast
Marketing and Community Building in Web3Marketing and Community Building in Web3
Marketing and Community Building in Web3
Federico Ast14 views
ATPMOUSE_융합2조.pptx by kts120898
ATPMOUSE_융합2조.pptxATPMOUSE_융합2조.pptx
ATPMOUSE_융합2조.pptx
kts12089835 views
hamro digital logics.pptx by tupeshghimire
hamro digital logics.pptxhamro digital logics.pptx
hamro digital logics.pptx
tupeshghimire10 views

Web Policies & Reporting