# HG changeset patch
# User IBBoard <dev@ibboard.co.uk>
# Date 1619259153 -3600
# Node ID 94f34831132dfec39e5c653fad492dbbd5f54dc9
# Parent  8f008309f94153dbd430bb27ccac36e1a0113280
Opt out of FLOC via headers

https://scotthelme.co.uk/what-the-floc/

diff -r 8f008309f941 -r 94f34831132d modules/website/templates/https_core_conf.erb
--- a/modules/website/templates/https_core_conf.erb	Sat Apr 17 11:35:17 2021 +0100
+++ b/modules/website/templates/https_core_conf.erb	Sat Apr 24 11:12:33 2021 +0100
@@ -8,6 +8,8 @@
 Header always set X-Xss-Protection "1; mode=block"
 Header always set X-Content-Type-Options "nosniff"
 Header always set X-Frame-Options "SAMEORIGIN"
+Header always set Feature-Policy "interest-cohort 'none'; accelerometer 'none'; autoplay 'none'; battery 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none';"
+Header always set Permissions-Policy "interest-cohort=(); accelerometer=(); autoplay=(); battery=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=();"
 
 <If "%{HTTP_HOST} != '<%= @primary_name %>'">
 	Redirect permanent "/" "https://<%= @primary_name %>/"