Feature-Policy: fullscreen
Feature-Policy: fullscreen
Experimental: This is an experimental technology
Check the Browser compatibility table carefully before using this in production.
The HTTP Feature-Policy
header fullscreen
directive controls whether the current document is allowed to use Element.requestFullScreen()
. When this policy is enabled, the returned Promise
rejects with a TypeError
.
By default, top-level documents and their same-origin child frames can request and enter fullscreen mode. This directive allows or prevents cross-origin frames from using fullscreen mode. This includes same-origin frames.
Note: If both this directive (i.e. via the allow
attribute) and the allowfullscreen
attribute are present on an <iframe>
element, this directive takes precedence. There was a bug whereby the fullscreen
directive didn't work unless the allowfullscreen
attribute was also present, but this has been fixed as of Firefox 80 (bug 1608358).
Syntax
Feature-Policy: fullscreen <allowlist>;
- <allowlist>
-
A list of origins for which the feature is allowed. See
Feature-Policy
.
Default policy
Default allow list for fullscreen
is 'self'
.
Examples
General example
SecureCorp Inc. wants to disable the Fullscreen API within all browsing contexts except for its own origin and those whose origin is https://example.com
. It can do so by delivering the following HTTP response header to define a feature policy:
Feature-Policy: fullscreen 'self' https://example.com
With an <iframe> element
FastCorp Inc. wants to disable fullscreen
for all cross-origin child frames, except for a specific <iframe>. It can do so by delivering the following HTTP response header to define a feature policy:
Feature-Policy: fullscreen 'self'
Then include an allow attribute on the <iframe>
element:
<iframe src="https://other.com/videoplayer" allow="fullscreen"></iframe>
iframe attributes can selectively enable features in certain frames, and not in others, even if those frames contain documents from the same origin.
Specifications
Browser compatibility
Desktop | Mobile | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
Chrome | Edge | Firefox | Internet Explorer | Opera | Safari | WebView Android | Chrome Android | Firefox for Android | Opera Android | Safari on IOS | Samsung Internet | |
fullscreen |
62 |
79 |
65
Before Firefox 80, applying
fullscreen to an <iframe> (i.e. via the allow attribute) does not work unless the allowfullscreen attribute is also present. |
No |
49 |
No |
62 |
62 |
65 |
46 |
No |
8.0 |
See also
© 2005–2021 MDN contributors.
Licensed under the Creative Commons Attribution-ShareAlike License v2.5 or later.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policy/fullscreen