New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.
Starred by 5 users

Issue metadata

Status: Fixed
Last visit > 30 days ago
Closed: Aug 2017
EstimatedDays: ----
NextAction: ----
OS: Linux , Android , Windows , Chrome , Mac
Pri: 1
Type: Feature

issue 779691
issue 670502

Sign in to add a comment

Issue 666767: Feature Policy: Support WebVR API

Reported by, Nov 18 2016 Project Member

Issue description

Add support for the "webvr" feature in Feature Policy.

The feature hasn't been defined yet in FeaturePolicy.cpp. It should be defined there, and checked before allowing the use of Document.getVRDisplays.

(Check with VR team about whether any other calls need to be blocked; that is the only one mentioned in the spec under the "allowvr" iframe attribute)

If not allowed by policy, the call to getVRDisplays should return a rejected promise.

Comment 1 by, Nov 24 2016

Labels: Proj-VR
WebVR issue:

Comment 2 by, Nov 24 2016

To clarify, you mean having a Chrome policy that can be used to disable WebVR support?

Comment 3 by, Nov 24 2016

Feature Policy refers to*, which is a mechanisms for apps/servers to control whether features are enabled, including on embedded iframes.

* See the explainer - the spec is out of date.

Comment 4 by, Nov 24 2016

+1 to everything ddorwin@ said :)

FP GitHub issue:

This will hopefully be able to replace the "allowvr" iframe attribute with a more configurable policy that can be set by ancestor frames.

This Chromium issue is to implement the linkage between the feature policy code and the WebVR code, to actually deny access to the API in cases where the policy says it should be disabled.

(Sorry if that means the Component is misleading; I've put out a request for a Blink>FeaturePolicy component, but it's not there yet)

Comment 5 by, Dec 2 2016

Blocking: 670502

Comment 6 by, Dec 5 2016

Labels: -OS-Linux -OS-Android -OS-Windows -OS-Chrome -OS-Mac OS-All

Comment 7 by, Dec 6 2016

I had left iOS out of the OS list, since FeaturePolicy is a Blink-specific feature. I'm not certain that we'll be able to support iOS.

Comment 8 by, Jan 3 2017

Components: Blink>FeaturePolicy

Comment 9 by, Mar 21 2017

Blocking: -623682
Labels: -OS-All -Feature-Policy Feature-Policy-V2 OS-Android OS-Chrome OS-Linux OS-Mac OS-Windows
Not blocking launch; slated for V2

Comment 10 by, May 16 2017

Labels: -Pri-3 M-62 Pri-2
iclelland: We'd like to start requiring this in the next update to WebVR, which would be in M62. Is there anything on the Feature Policy side that would block this?

Comment 11 by, Jun 22 2017

Labels: Type-Feature

Comment 12 by, Aug 9 2017

Labels: -Pri-2 Pri-1

Comment 13 by, Aug 14 2017

Status: Assigned (was: Available)

Comment 14 by, Aug 30 2017

Project Member
The following revision refers to this bug:

commit 36e485aae6fcb3231843941f750df0428bcb401d
Author: Biao She <>
Date: Wed Aug 30 23:52:38 2017

Add vr feature policy

This CL enables vr feature policy. So that, if you want to disable vr within
your application, you can delivering the following HTTP response header:
Feature-Policy: vr 'none'
If you want to enable vr for all frames(including cross-origin iframes),
delivering this:
Feature-Policy: vr *
If you want to enable vr just for your own origin, delivering this:
Feature-Policy: vr 'self'

To request vr for iframes, you can
<iframe src="" allow="vr"></iframe> to grant vr to this iframe.

Bug:  666767 
Change-Id: I48d7accf8553d6a9ac19d9f41dbbce2ff9934579
Reviewed-by: Ian Vollick <>
Reviewed-by: Michael Thiessen <>
Reviewed-by: Daniel Cheng <>
Reviewed-by: Brandon Jones <>
Reviewed-by: Ian Clelland <>
Commit-Queue: Biao She <>
Cr-Commit-Position: refs/heads/master@{#498674}

Comment 15 by, Aug 31 2017

Status: Fixed (was: Assigned)

Comment 16 by, Oct 30 2017

Blocking: 779691

Comment 17 by, Jul 4 2018

Components: Blink>WebXR

Sign in to add a comment