├── src
    ├── Value.php
    ├── Formatter
    │   ├── FormatContract.php
    │   └── PolicyFormatter.php
    ├── FeatureGroups
    │   ├── FeatureGroupContract.php
    │   ├── DirectiveContract.php
    │   ├── ProposedFeatureGroup.php
    │   └── DefaultFeatureGroup.php
    ├── Exceptions
    │   ├── DisabledFeatureGroupException.php
    │   ├── UnknownPermissionGroupException.php
    │   ├── UnsupportedPermissionException.php
    │   └── InvalidFeaturePolicy.php
    ├── Policies
    │   ├── Basic.php
    │   ├── PolicyContract.php
    │   └── Policy.php
    ├── PolicyFactory.php
    ├── FeaturePolicyServiceProvider.php
    ├── AddFeaturePolicyHeaders.php
    └── Directive.php
├── .editorconfig
├── .github
    ├── pull_request_template.md
    ├── dependabot.yml
    ├── workflows
    │   ├── test.yml
    │   └── code-quality.yml
    └── ISSUE_TEMPLATE
    │   ├── feature_request.yml
    │   └── bug_report.yml
├── phpstan.neon.dist
├── config
    └── feature-policy.php
├── LICENSE.md
├── CHANGELOG.md
├── composer.json
├── rector.php
├── CONTRIBUTING.md
├── .php-cs-fixer.dist.php
├── CODE_OF_CONDUCT.md
└── README.md


/src/Value.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | namespace Mazedlx\FeaturePolicy;
 4 | 
 5 | abstract class Value
 6 | {
 7 |     final public const ALL = '*';
 8 |     final public const SELF = 'self';
 9 |     final public const NONE = '()';
10 | }
11 | 


--------------------------------------------------------------------------------
/src/Formatter/FormatContract.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | declare(strict_types=1);
 4 | 
 5 | namespace Mazedlx\FeaturePolicy\Formatter;
 6 | 
 7 | use Stringable;
 8 | 
 9 | interface FormatContract extends Stringable
10 | {
11 |     public function __toString(): string;
12 | }
13 | 


--------------------------------------------------------------------------------
/src/FeatureGroups/FeatureGroupContract.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | declare(strict_types=1);
 4 | 
 5 | namespace Mazedlx\FeaturePolicy\FeatureGroups;
 6 | 
 7 | interface FeatureGroupContract
 8 | {
 9 |     public static function directive(string $directive): DirectiveContract;
10 | }
11 | 


--------------------------------------------------------------------------------
/.editorconfig:
--------------------------------------------------------------------------------
 1 | root = true
 2 | 
 3 | [*]
 4 | charset = utf-8
 5 | end_of_line = lf
 6 | 
 7 | indent_style = space
 8 | indent_size = 4
 9 | 
10 | trim_trailing_whitespace = true
11 | insert_final_newline = true
12 | 
13 | [*.yml]
14 | indent_size = 2
15 | 
16 | [*.md]
17 | trim_trailing_whitespace = false
18 | 


--------------------------------------------------------------------------------
/.github/pull_request_template.md:
--------------------------------------------------------------------------------
 1 | ## What does this pull request change or introduce
 2 | 
 3 | ## What is the impact of these changes
 4 | 
 5 | ## Checklist
 6 | - [ ] An issue was created before proposing this change
 7 | - [ ] Tests for the changes have been added
 8 | - [ ] Tests are passing
 9 | 
10 | ## Steps to reproduce / test
11 | 1.
12 | 
13 | ## Other information:
14 | 


--------------------------------------------------------------------------------
/src/Exceptions/DisabledFeatureGroupException.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | declare(strict_types=1);
 4 | 
 5 | namespace Mazedlx\FeaturePolicy\Exceptions;
 6 | 
 7 | use Exception;
 8 | 
 9 | final class DisabledFeatureGroupException extends Exception
10 | {
11 |     public function __construct(string $directive)
12 |     {
13 |         parent::__construct("The directive ($directive) is disabled.");
14 |     }
15 | }
16 | 


--------------------------------------------------------------------------------
/src/Exceptions/UnknownPermissionGroupException.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | declare(strict_types=1);
 4 | 
 5 | namespace Mazedlx\FeaturePolicy\Exceptions;
 6 | 
 7 | use Exception;
 8 | 
 9 | final class UnknownPermissionGroupException extends Exception
10 | {
11 |     public function __construct(string $type)
12 |     {
13 |         parent::__construct("The directive type '${type}' is unknown.");
14 |     }
15 | }
16 | 


--------------------------------------------------------------------------------
/src/Policies/Basic.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | namespace Mazedlx\FeaturePolicy\Policies;
 4 | 
 5 | use Mazedlx\FeaturePolicy\Value;
 6 | use Mazedlx\FeaturePolicy\Directive;
 7 | 
 8 | final class Basic extends Policy
 9 | {
10 |     public function configure()
11 |     {
12 |         $this->addDirective(Directive::GEOLOCATION, Value::SELF)
13 |             ->addDirective(Directive::FULLSCREEN, Value::SELF);
14 |     }
15 | }
16 | 


--------------------------------------------------------------------------------
/src/Exceptions/UnsupportedPermissionException.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | declare(strict_types=1);
 4 | 
 5 | namespace Mazedlx\FeaturePolicy\Exceptions;
 6 | 
 7 | use Exception;
 8 | 
 9 | final class UnsupportedPermissionException extends Exception
10 | {
11 |     public function __construct(string $directive)
12 |     {
13 |         parent::__construct("The directive '${directive}' is not valid in a Feature-Policy header.");
14 |     }
15 | }
16 | 


--------------------------------------------------------------------------------
/src/Exceptions/InvalidFeaturePolicy.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | namespace Mazedlx\FeaturePolicy\Exceptions;
 4 | 
 5 | use Exception;
 6 | use Mazedlx\FeaturePolicy\Policies\Policy;
 7 | 
 8 | final class InvalidFeaturePolicy extends Exception
 9 | {
10 |     public static function create($class): self
11 |     {
12 |         $className = $class::class;
13 | 
14 |         return new self("The Feature-Policy class '{$className}' is not valid. A valid policy extends " . Policy::class);
15 |     }
16 | }
17 | 


--------------------------------------------------------------------------------
/src/PolicyFactory.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | namespace Mazedlx\FeaturePolicy;
 4 | 
 5 | use Mazedlx\FeaturePolicy\Policies\Policy;
 6 | use Mazedlx\FeaturePolicy\Exceptions\InvalidFeaturePolicy;
 7 | 
 8 | final class PolicyFactory
 9 | {
10 |     public static function create(string $className): Policy
11 |     {
12 |         $policy = app($className);
13 | 
14 |         if (! is_a($policy, Policy::class, true)) {
15 |             throw InvalidFeaturePolicy::create($policy);
16 |         }
17 | 
18 |         return $policy;
19 |     }
20 | }
21 | 


--------------------------------------------------------------------------------
/src/Policies/PolicyContract.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | declare(strict_types=1);
 4 | 
 5 | namespace Mazedlx\FeaturePolicy\Policies;
 6 | 
 7 | use Stringable;
 8 | use Illuminate\Http\Request;
 9 | use Symfony\Component\HttpFoundation\Response;
10 | 
11 | interface PolicyContract extends Stringable
12 | {
13 |     public function addDirective(string $directive, $values, ?string $type = 'default'): self;
14 |     public function shouldBeApplied(Request $request, Response $response): bool;
15 |     public function applyTo(Response $response): void;
16 | }
17 | 


--------------------------------------------------------------------------------
/src/FeatureGroups/DirectiveContract.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | declare(strict_types=1);
 4 | 
 5 | namespace Mazedlx\FeaturePolicy\FeatureGroups;
 6 | 
 7 | interface DirectiveContract
 8 | {
 9 |     public function name(): string;
10 | 
11 |     public function rules(): array;
12 | 
13 |     public function addRule(string $rule): static;
14 | 
15 |     public function note(): string;
16 | 
17 |     public function isDeprecated(): bool;
18 | 
19 |     public function specificationName(): string;
20 | 
21 |     public function specificationUrl(): string;
22 | 
23 |     public function browserSupport(): string;
24 | 
25 |     public function browserSupportUrl(): string;
26 | }
27 | 


--------------------------------------------------------------------------------
/phpstan.neon.dist:
--------------------------------------------------------------------------------
 1 | # Default PHPStan config
 2 | # can be overridden by copying this to phpstan.neon
 3 | # if that file exists, then that will be used as config
 4 | 
 5 | parameters:
 6 | 
 7 |     paths:
 8 |         - src
 9 |         - tests
10 | 
11 |     # The level ranges from 0 to 9 and the latter is the highest level
12 |     # more info at https://phpstan.org/user-guide/rule-levels
13 |     level: 5
14 | 
15 |     reportUnmatchedIgnoredErrors: false
16 | 
17 |     # Optional for having a clickable link to PHPStorm
18 |     # editorUrl: 'phpstorm://open?file=%%file%%&line=%%line%%'
19 | 
20 |     ignoreErrors:
21 |         - '#Call to an undefined method Illuminate\\Support\\HigherOrder#'
22 | 


--------------------------------------------------------------------------------
/src/FeaturePolicyServiceProvider.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | namespace Mazedlx\FeaturePolicy;
 4 | 
 5 | use Illuminate\Support\ServiceProvider;
 6 | 
 7 | final class FeaturePolicyServiceProvider extends ServiceProvider
 8 | {
 9 |     public function boot(): void
10 |     {
11 |         if (! $this->app->runningInConsole()) {
12 |             return;
13 |         }
14 | 
15 |         if (! function_exists('config_path')) {
16 |             return;
17 |         }
18 | 
19 |         $this->publishes([
20 |             __DIR__ . '/../config/feature-policy.php' => config_path('feature-policy.php'),
21 |         ], 'config');
22 |     }
23 | 
24 |     public function register(): void
25 |     {
26 |         $this->mergeConfigFrom(__DIR__ . '/../config/feature-policy.php', 'feature-policy');
27 |     }
28 | }
29 | 


--------------------------------------------------------------------------------
/config/feature-policy.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | return [
 4 |     'enabled' => env('FPH_ENABLED', true),
 5 | 
 6 |     /*
 7 |      * A policy will determine which Feature-Policy headers will be set.
 8 |      * A valid policy extends `Mazedlx\FeaturePolicy\Policies\Policy`
 9 |      */
10 |     'policy' => Mazedlx\FeaturePolicy\Policies\Basic::class,
11 | 
12 |     /** @see https://github.com/w3c/webappsec-permissions-policy/blob/main/features.md */
13 |     'directives' => [
14 |         'proposal' => env('FPH_PROPOSAL_ENABLED', false),
15 |         'experimental' => env('FPH_EXPERIMENTAL_ENABLED', false),
16 |     ],
17 | 
18 |     'reporting' => [
19 |         'enabled' => env('FPH_REPORTING_ENABLED', false),
20 |         'report_only' => env('FPH_REPORT_ONLY', false),
21 |         'url' => env('FPH_REPORTING_URL', 'https://reportingapi.tools/public/submit'),
22 |     ],
23 | ];
24 | 


--------------------------------------------------------------------------------
/.github/dependabot.yml:
--------------------------------------------------------------------------------
 1 | # To get started with Dependabot version updates, you'll need to specify which
 2 | # package ecosystems to update and where the package manifests are located.
 3 | # Please see the documentation for all configuration options:
 4 | # https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
 5 | 
 6 | version: 2
 7 | updates:
 8 |   - package-ecosystem: "composer"
 9 |     directory: "/"
10 |     open-pull-requests-limit: 5
11 |     schedule:
12 |       interval: "weekly"
13 |     commit-message:
14 |       prefix: '[composer]'
15 |       prefix-development: '[composer]'
16 |       
17 |   - package-ecosystem: "github-actions"
18 |     directory: "/"
19 |     open-pull-requests-limit: 5
20 |     schedule:
21 |       interval: "weekly"
22 |     commit-message:
23 |       prefix: '[gh-action]'
24 |       prefix-development: '[gh-action]'
25 | 


--------------------------------------------------------------------------------
/.github/workflows/test.yml:
--------------------------------------------------------------------------------
 1 | name: Tests
 2 | 
 3 | on:
 4 |   push:
 5 |   pull_request:
 6 | 
 7 | jobs:
 8 |   phpunit:
 9 |     runs-on: ${{ matrix.os }}
10 | 
11 |     strategy:
12 |       fail-fast: false
13 |       matrix:
14 |         os:
15 |           - ubuntu-latest
16 |         php:
17 |           - 8.1
18 |           - 8.2
19 | 
20 |     steps:
21 |       - name: Checkout code
22 |         uses: actions/checkout@v6
23 | 
24 |       - name: Setup PHP
25 |         uses: shivammathur/setup-php@v2
26 |         with:
27 |           php-version: ${{ matrix.php }}
28 |           extensions: dom, curl, libxml, mbstring, zip, pcntl, pdo, sqlite, pdo_sqlite
29 |           tools: composer:v2
30 |           coverage: none
31 | 
32 |       - name: Install Composer dependencies
33 |         run: composer install --prefer-dist --no-interaction
34 | 
35 |       - name: Execute tests
36 |         run: vendor/bin/phpunit --no-coverage
37 | 


--------------------------------------------------------------------------------
/LICENSE.md:
--------------------------------------------------------------------------------
 1 | The MIT License (MIT)
 2 | 
 3 | Copyright (c) mazedlx.net webproductions <mazedlx@gmail.com>
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in
13 | all copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
21 | THE SOFTWARE.
22 | 


--------------------------------------------------------------------------------
/src/AddFeaturePolicyHeaders.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | namespace Mazedlx\FeaturePolicy;
 4 | 
 5 | use Closure;
 6 | use Illuminate\Http\Request;
 7 | use Illuminate\Support\Collection;
 8 | use Mazedlx\FeaturePolicy\Policies\Policy;
 9 | 
10 | final class AddFeaturePolicyHeaders
11 | {
12 |     public function handle(Request $request, Closure $next, $customPolicyClass = null)
13 |     {
14 |         $response = $next($request);
15 | 
16 |         $this->getPolicies($customPolicyClass)
17 |             ->filter(fn (Policy $policy) => $policy->shouldBeApplied($request, $response))
18 |             ->each(fn (Policy $policy) => $policy->applyTo($response));
19 | 
20 |         return $response;
21 |     }
22 | 
23 |     protected function getPolicies(?string $customPolicyClass = null): Collection
24 |     {
25 |         $policies = collect();
26 | 
27 |         if ($customPolicyClass) {
28 |             $policies->push(PolicyFactory::create($customPolicyClass));
29 | 
30 |             return $policies;
31 |         }
32 | 
33 |         $policyClass = config('feature-policy.policy');
34 | 
35 |         if (! empty($policyClass)) {
36 |             $policies->push(PolicyFactory::create($policyClass));
37 |         }
38 | 
39 |         return $policies;
40 |     }
41 | }
42 | 


--------------------------------------------------------------------------------
/src/Formatter/PolicyFormatter.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | declare(strict_types=1);
 4 | 
 5 | namespace Mazedlx\FeaturePolicy\Formatter;
 6 | 
 7 | use Stringable;
 8 | use Illuminate\Support\Collection;
 9 | use Mazedlx\FeaturePolicy\FeatureGroups\DirectiveContract;
10 | 
11 | final class PolicyFormatter implements FormatContract
12 | {
13 |     private readonly Collection $directives;
14 | 
15 |     public function __construct(array $directives)
16 |     {
17 |         $this->directives = collect($directives);
18 |     }
19 | 
20 |     public function __toString(): string
21 |     {
22 |         return $this->directives
23 |             ->map(function (DirectiveContract $directive) {
24 |                 $formattedRules = implode(' ', $directive->rules());
25 | 
26 |                 if (count($directive->rules()) === 1) {
27 |                     return "{$directive->name()}={$formattedRules}";
28 |                 }
29 | 
30 |                 return "{$directive->name()}=({$formattedRules})";
31 |             })
32 |             ->when(
33 |                 config('feature-policy.reporting.enabled'),
34 |                 function (Collection $collection) {
35 |                     $collection->add('report-to=violation-reports');
36 |                 }
37 |             )
38 |             ->implode(',');
39 |     }
40 | }
41 | 


--------------------------------------------------------------------------------
/CHANGELOG.md:
--------------------------------------------------------------------------------
 1 | # Changelog
 2 | 
 3 | ## 2.1.0 - 2023-05-02
 4 | 
 5 | - update standardised permission policies by @Treggats in #26
 6 | - introduced proposed permission policies by @Treggats in #27
 7 | - PHPUnit upgrade to version 10 by @Treggats in #22
 8 | - templates for new issues and bug reports
 9 | - a lot of under the hood changes
10 | 
11 | ## 2.0.0 - 2023-03-22
12 | 
13 | - add Github Action workflows for testing and code quality
14 |   * PHPStan
15 |   * PHP CS Fixer
16 | - replace PHPCS with PHP CS Fixer
17 | - drop support for PHP < 7.4
18 | - add support for PHP 7.4 - 8.2
19 | - drop support for Laravel < 7.0
20 | - add support for Laravel 7.x - 10.x
21 | - update PHPUnit configuration
22 | 
23 | ## 1.3.0 - 2022-01-31
24 | 
25 | - add support for PHP 8.1
26 | - add support for Laravel 9
27 | 
28 | ## 1.2.0 - 2021-10-25
29 | 
30 | - implemented [RFC-8941](https://datatracker.ietf.org/doc/html/rfc8941) Structured Field Values for directive values
31 | 
32 | ## 1.1.2 - 2021-01-02
33 | 
34 | - add PHP 8 support
35 | 
36 | ## 1.0.9 - 2019-09-14
37 | 
38 | - fix array and string helpers missing from Laravel's core
39 | 
40 | ## 1.0.8 - 2019-08-27
41 | 
42 | - add missing directive
43 | 
44 | ## 1.0.7 - 2019-08-27
45 | 
46 | - get the package ready for Laravel 6.0
47 | 
48 | ## 1.0.1 - 2018-08-28
49 | 
50 | - fixed Laravel package autodiscover in composer.json
51 | 
52 | ## 1.0.0 - 2018-08-28
53 | 
54 | - initial release
55 | 


--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/feature_request.yml:
--------------------------------------------------------------------------------
 1 | name: Change request
 2 | description: Request a new feature, propose a change or if you just have a question.
 3 | title: "[Feature]: "
 4 | labels: ["enhancement"]
 5 | assignees:
 6 |   -
 7 | body:
 8 |   - type: markdown
 9 |     attributes:
10 |       value: |
11 |         Thanks for helping improving this package.
12 | 
13 |         Let us know if there is something that can be improved; an awesome new feature that should be added or if you just have a question.
14 | 
15 |   - type: dropdown
16 |     id: request-type
17 |     attributes:
18 |       label: Type of request
19 |       description: What kind of request is this?
20 |       options:
21 |         - improvement
22 |         - new feature
23 |         - question
24 |     validations:
25 |       required: true
26 | 
27 |   - type: textarea
28 |     id: request
29 |     attributes:
30 |       label: Requested change or question
31 |       description: What is your proposed change or improvement.
32 |       placeholder: What's you idea or request, or if you just have a question.
33 |     validations:
34 |       required: true
35 | 
36 |   - type: checkboxes
37 |     id: terms
38 |     attributes:
39 |       label: Code of Conduct
40 |       description: By submitting this issue, you agree to follow our [Code of Conduct](https://github.com/mazedlx/laravel-feature-policy/blob/main/CODE_OF_CONDUCT.md)
41 |       options:
42 |         - label: I agree to follow this project's Code of Conduct
43 |           required: true
44 | 


--------------------------------------------------------------------------------
/composer.json:
--------------------------------------------------------------------------------
 1 | {
 2 |     "name": "mazedlx/laravel-feature-policy",
 3 |     "description": "Add Feature-Policy headers to the responses of a Laravel app",
 4 |     "keywords": [
 5 |         "laravel-feature-policy",
 6 |         "feature-policy",
 7 |         "security",
 8 |         "headers",
 9 |         "laravel"
10 |     ],
11 |     "type": "library",
12 |     "license": "MIT",
13 |     "authors": [
14 |         {
15 |             "name": "Christian Leo-Pernold",
16 |             "email": "mazedlx@gmail.com"
17 |         }
18 |     ],
19 |     "minimum-stability": "stable",
20 |     "require": {
21 |         "php": "^8.1|^8.2",
22 |         "illuminate/http": "^7.0|^8.0|^9.0|^10.0|^11.0|^12.0",
23 |         "illuminate/support": "^7.0|^8.0|^9.0|^10.0|^11.0|^12.0"
24 |     },
25 |     "require-dev": {
26 |         "orchestra/testbench": "^7.0|^8.0|^9.0|^10.0",
27 |         "phpunit/phpunit": "^10.0|^11.5.3",
28 |         "driftingly/rector-laravel": "^0.17.0 || ^0.19.0 || ^0.20.0 || ^0.21.0 || ^0.22.0 || ^0.24.0 || ^0.26.0 || ^0.30.0 || ^0.40.0 || ^0.41.0|^1.0|^2.0",
29 |         "rector/rector": "^0.15.21 || ^0.16.0 || ^0.17.0 || ^0.18.0 || ^0.19.0|^1.0 || ^2.0"
30 |     },
31 |     "autoload": {
32 |         "psr-4": {
33 |             "Mazedlx\\FeaturePolicy\\": "src"
34 |         }
35 |     },
36 |     "autoload-dev": {
37 |         "psr-4": {
38 |             "Mazedlx\\FeaturePolicy\\Tests\\": "tests"
39 |         }
40 |     },
41 |     "scripts": {
42 |         "test": "vendor/bin/phpunit",
43 |         "test-coverage": "phpunit --coverage-html coverage"
44 |     },
45 |     "config": {
46 |         "sort-packages": true
47 |     },
48 |     "extra": {
49 |         "laravel": {
50 |             "providers": [
51 |                 "Mazedlx\\FeaturePolicy\\FeaturePolicyServiceProvider"
52 |             ]
53 |         }
54 |     }
55 | }
56 | 


--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/bug_report.yml:
--------------------------------------------------------------------------------
 1 | name: Bug Report
 2 | description: File a bug report
 3 | title: "[Bug]: "
 4 | labels: ["bug", "triage"]
 5 | assignees:
 6 |   - mazedlx
 7 | body:
 8 |   - type: markdown
 9 |     attributes:
10 |       value: |
11 |         Thanks for taking the time to fill out this bug report!
12 | 
13 |   - type: input
14 |     id: contact
15 |     attributes:
16 |       label: Contact Details
17 |       description: How can we get in touch with you if we need more info?
18 |       placeholder: ex. email@example.com
19 |     validations:
20 |       required: false
21 | 
22 |   - type: textarea
23 |     id: what-happened
24 |     attributes:
25 |       label: What happened?
26 |       description: Also tell us, what did you expect to happen?
27 |       placeholder: Tell us what you see!
28 |       value: "A bug happened!"
29 |     validations:
30 |       required: true
31 | 
32 |   - type: dropdown
33 |     id: version
34 |     attributes:
35 |       label: Version
36 |       description: What version of our software are you running?
37 |       options:
38 |         - 1.0.0
39 |         - 1.0.1
40 |         - 1.0.7
41 |         - 1.0.8
42 |         - 1.0.9
43 |         - 1.1.2
44 |         - 1.2.0
45 |         - 1.3.0
46 |         - 2.0.0
47 |     validations:
48 |       required: true
49 | 
50 |   - type: textarea
51 |     id: logs
52 |     attributes:
53 |       label: Relevant log output
54 |       description: Please copy and paste any relevant log output. This will be automatically formatted into code, so no need for backticks.
55 |       render: shell
56 | 
57 |   - type: checkboxes
58 |     id: terms
59 |     attributes:
60 |       label: Code of Conduct
61 |       description: By submitting this issue, you agree to follow our [Code of Conduct](https://github.com/mazedlx/laravel-feature-policy/blob/main/CODE_OF_CONDUCT.md)
62 |       options:
63 |         - label: I agree to follow this project's Code of Conduct
64 |           required: true
65 | 


--------------------------------------------------------------------------------
/rector.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | declare(strict_types=1);
 4 | 
 5 | use Rector\Caching\ValueObject\Storage\FileCacheStorage;
 6 | use Rector\CodeQuality\Rector\Class_\InlineConstructorDefaultToPropertyRector;
 7 | use Rector\Config\RectorConfig;
 8 | use Rector\EarlyReturn\Rector\If_\ChangeIfElseValueAssignToEarlyReturnRector;
 9 | use Rector\Php74\Rector\Closure\ClosureToArrowFunctionRector;
10 | use Rector\Php80\Rector\Catch_\RemoveUnusedVariableInCatchRector;
11 | use Rector\Php80\Rector\ClassMethod\FinalPrivateToPrivateVisibilityRector;
12 | use Rector\Php80\Rector\Switch_\ChangeSwitchToMatchRector;
13 | use Rector\Php81\Rector\Property\ReadOnlyPropertyRector;
14 | use Rector\Set\ValueObject\LevelSetList;
15 | use Rector\TypeDeclaration\Rector\Property\TypedPropertyFromStrictSetUpRector;
16 | 
17 | /**
18 |  * @see https://github.com/rectorphp/rector/blob/main/docs/rector_rules_overview.md
19 |  */
20 | return static function (RectorConfig $rectorConfig): void {
21 |     $rectorConfig->paths([
22 |         __DIR__ . '/config',
23 |         __DIR__ . '/src',
24 |         __DIR__ . '/tests',
25 |     ]);
26 | 
27 |     $rectorConfig->cacheClass(FileCacheStorage::class);
28 |     $rectorConfig->cacheDirectory('./.cache/rector');
29 | 
30 |     // register a single rule
31 |     $rectorConfig->rules([
32 |         InlineConstructorDefaultToPropertyRector::class,
33 |         ChangeIfElseValueAssignToEarlyReturnRector::class,
34 |         RemoveUnusedVariableInCatchRector::class,
35 |         TypedPropertyFromStrictSetUpRector::class,
36 |         ReadOnlyPropertyRector::class,
37 |         ChangeSwitchToMatchRector::class,
38 |         FinalPrivateToPrivateVisibilityRector::class,
39 |     ]);
40 | 
41 |     // define sets of rules
42 |     $rectorConfig->sets([
43 |         LevelSetList::UP_TO_PHP_81,
44 |         // \RectorLaravel\Set\LaravelLevelSetList::UP_TO_LARAVEL_100,
45 |     ]);
46 | 
47 |     $rectorConfig->skip([
48 |         ClosureToArrowFunctionRector::class,
49 |     ]);
50 | };
51 | 


--------------------------------------------------------------------------------
/src/Policies/Policy.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | declare(strict_types=1);
 4 | 
 5 | namespace Mazedlx\FeaturePolicy\Policies;
 6 | 
 7 | use Illuminate\Http\Request;
 8 | use Mazedlx\FeaturePolicy\FeatureGroups\DefaultFeatureGroup;
 9 | use Mazedlx\FeaturePolicy\Formatter\PolicyFormatter;
10 | use Mazedlx\FeaturePolicy\Value;
11 | use Mazedlx\FeaturePolicy\Directive;
12 | use Symfony\Component\HttpFoundation\Response;
13 | 
14 | abstract class Policy implements PolicyContract
15 | {
16 |     protected array $directives = [];
17 | 
18 |     private array $rules = [];
19 | 
20 |     abstract public function configure();
21 | 
22 |     public function addDirective(string $directive, $values, ?string $type = DefaultFeatureGroup::class): self
23 |     {
24 |         $currentDirective = Directive::make($directive, type: $type);
25 |         collect($this->rules[$directive] ??= [])
26 |             ->each(fn (string $rule) => $currentDirective->addRule($rule));
27 | 
28 |         collect($values)
29 |             ->map(fn ($values) => array_filter(explode(' ', (string) $values)))
30 |             ->flatten()
31 |             ->map(fn (string $rule) => $this->isSpecialDirectiveValue($rule) ? $rule : "\"{$rule}\"")
32 |             ->each(fn (string $rule) => $currentDirective->addRule($rule))
33 |             ->each(fn (string $rule) => $this->rules[$directive][] = $rule);
34 | 
35 |         $this->directives[$directive] = $currentDirective;
36 | 
37 |         return $this;
38 |     }
39 | 
40 |     public function shouldBeApplied(Request $request, Response $response): bool
41 |     {
42 |         return config('feature-policy.enabled');
43 |     }
44 | 
45 |     public function applyTo(Response $response): void
46 |     {
47 |         if (! $this->directives) {
48 |             $this->configure();
49 |         }
50 | 
51 |         $headerName = 'Permissions-Policy';
52 | 
53 |         if ($response->headers->has($headerName)) {
54 |             return;
55 |         }
56 | 
57 |         $response->headers->set($headerName, (string) $this);
58 | 
59 |         if (! config('feature-policy.reporting.enabled')) {
60 |             return;
61 |         }
62 | 
63 |         $response->headers->set('Reporting-Endpoints', 'violation-reports="' . config('feature-policy.reporting.url') . '"');
64 | 
65 |         if (! config('feature-policy.reporting.report_only')) {
66 |             return;
67 |         }
68 | 
69 |         $headerName = 'Permissions-Policy-Report-Only';
70 | 
71 |         if ($response->headers->has($headerName)) {
72 |             return;
73 |         }
74 | 
75 |         $response->headers->set($headerName, (string) $this);
76 |     }
77 | 
78 |     public function __toString(): string
79 |     {
80 |         return (string) new PolicyFormatter($this->directives);
81 |     }
82 | 
83 |     protected function isSpecialDirectiveValue(string $value): bool
84 |     {
85 |         $specialDirectiveValues = [
86 |             Value::NONE,
87 |             Value::SELF,
88 |             Value::ALL,
89 |         ];
90 | 
91 |         return in_array($value, $specialDirectiveValues, true);
92 |     }
93 | }
94 | 


--------------------------------------------------------------------------------
/CONTRIBUTING.md:
--------------------------------------------------------------------------------
 1 | # Contributing
 2 | 
 3 | Contributions are **welcome** and will be fully **credited**.
 4 | 
 5 | Please read and understand the contribution guide before creating an issue or pull request.
 6 | 
 7 | ## Etiquette
 8 | 
 9 | This project is open source, and as such, the maintainers give their free time to build and maintain the source code
10 | held within. They make the code freely available in the hope that it will be of use to other developers. It would be
11 | extremely unfair for them to suffer abuse or anger for their hard work.
12 | 
13 | Please be considerate towards maintainers when raising issues or presenting pull requests. Let's show the
14 | world that developers are civilized and selfless people.
15 | 
16 | It's the duty of the maintainer to ensure that all submissions to the project are of sufficient
17 | quality to benefit the project. Many developers have different skillsets, strengths, and weaknesses. Respect the maintainer's decision, and do not be upset or abusive if your submission is not used.
18 | 
19 | ## Viability
20 | 
21 | When requesting or submitting new features, first consider whether it might be useful to others. Open
22 | source projects are used by many developers, who may have entirely different needs to your own. Think about
23 | whether or not your feature is likely to be used by other users of the project.
24 | 
25 | ## Procedure
26 | 
27 | Before filing an issue:
28 | 
29 | - Attempt to replicate the problem, to ensure that it wasn't a coincidental incident.
30 | - Check to make sure your feature suggestion isn't already present within the project.
31 | - Check the pull requests tab to ensure that the bug doesn't have a fix in progress.
32 | - Check the pull requests tab to ensure that the feature isn't already in progress.
33 | 
34 | Before submitting a pull request:
35 | 
36 | - Check the codebase to ensure that your feature doesn't already exist.
37 | - Check the pull requests to ensure that another person hasn't already submitted the feature or fix.
38 | 
39 | ## Requirements
40 | 
41 | If the project maintainer has any additional requirements, you will find them listed here.
42 | 
43 | - **[PSR-2 Coding Standard](https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-2-coding-style-guide.md)** - The easiest way to apply the conventions is to install [PHP Code Sniffer](http://pear.php.net/package/PHP_CodeSniffer).
44 | 
45 | - **Add tests!** - Your patch won't be accepted if it doesn't have tests.
46 | 
47 | - **Document any change in behaviour** - Make sure the `README.md` and any other relevant documentation are kept up-to-date.
48 | 
49 | - **Consider our release cycle** - We try to follow [SemVer v2.0.0](http://semver.org/). Randomly breaking public APIs is not an option.
50 | 
51 | - **One pull request per feature** - If you want to do more than one thing, send multiple pull requests.
52 | 
53 | - **Send coherent history** - Make sure each individual commit in your pull request is meaningful. If you had to make multiple intermediate commits while developing, please [squash them](http://www.git-scm.com/book/en/v2/Git-Tools-Rewriting-History#Changing-Multiple-Commit-Messages) before submitting.
54 | 
55 | **Happy coding**!
56 | 


--------------------------------------------------------------------------------
/.github/workflows/code-quality.yml:
--------------------------------------------------------------------------------
  1 | name: Analyse and format
  2 | 
  3 | on:
  4 |   push:
  5 |   pull_request:
  6 | 
  7 | jobs:
  8 |   analysis:
  9 |     runs-on: ${{ matrix.os }}
 10 | 
 11 |     strategy:
 12 |       fail-fast: false
 13 |       matrix:
 14 |         os:
 15 |           - ubuntu-latest
 16 |         php:
 17 |           - 8.1
 18 |           - 8.2
 19 | 
 20 |     steps:
 21 |       - name: Checkout code
 22 |         uses: actions/checkout@v6
 23 | 
 24 |       - name: Setup PHP
 25 |         uses: shivammathur/setup-php@v2
 26 |         with:
 27 |           php-version: ${{ matrix.php }}
 28 |           extensions: dom, curl, libxml, mbstring, zip, pcntl, pdo, sqlite, pdo_sqlite
 29 |           tools: composer:v2,phpstan
 30 |           coverage: none
 31 | 
 32 |       - name: Install Composer dependencies
 33 |         run: composer install --prefer-dist --no-interaction
 34 | 
 35 |       - name: Run analysis
 36 |         run: phpstan analyse --no-ansi --no-interaction --no-progress
 37 | 
 38 |   format:
 39 |     runs-on: ubuntu-latest
 40 | 
 41 |     steps:
 42 |       - name: Checkout code
 43 |         uses: actions/checkout@v6
 44 | 
 45 |       - name: Setup PHP
 46 |         uses: shivammathur/setup-php@v2
 47 |         with:
 48 |           php-version: 8.1
 49 |           extensions: dom, curl, libxml, mbstring, zip, pcntl, pdo, sqlite, pdo_sqlite
 50 |           tools: composer:v2,php-cs-fixer
 51 |           coverage: none
 52 | 
 53 |       - name: Run formatter
 54 |         run: php-cs-fixer fix --no-ansi
 55 | 
 56 |       - name: Commit changes
 57 |         uses: stefanzweifel/git-auto-commit-action@v7
 58 |         with:
 59 |           file_pattern: '*.php'
 60 |           create_branch: false
 61 |           add_options: '-u'
 62 |           push_options: '--force-with-lease'
 63 |           commit_message: ":hammer: :construction_worker: formatting changes"
 64 | 
 65 |   rector:
 66 |     runs-on: ubuntu-latest
 67 | 
 68 |     steps:
 69 |       - name: Checkout code
 70 |         uses: actions/checkout@v6
 71 | 
 72 |       - name: Setup PHP
 73 |         uses: shivammathur/setup-php@v2
 74 |         with:
 75 |           php-version: 8.1
 76 |           extensions: dom, curl, libxml, mbstring, zip, pcntl, pdo, sqlite, pdo_sqlite
 77 |           tools: composer:v2
 78 |           coverage: none
 79 | 
 80 |       - name: Install Composer dependencies
 81 |         run: composer install --prefer-dist --no-interaction
 82 | 
 83 |       - name: Rector Cache
 84 |         uses: actions/cache@v4
 85 |         with:
 86 |           path: ./.cache/rector
 87 |           key: ${{ runner.os }}-rector-${{ hashFiles('**/composer.lock') }}
 88 |           restore-keys: ${{ runner.os }}-rector-
 89 | 
 90 |       - name: Run Rector upgrades
 91 |         run: ./vendor/bin/rector process --no-ansi --no-diffs
 92 | 
 93 |       - name: Commit changes
 94 |         uses: stefanzweifel/git-auto-commit-action@v7
 95 |         with:
 96 |           file_pattern: '*.php'
 97 |           create_branch: false
 98 |           add_options: '-u'
 99 |           push_options: '--force-with-lease'
100 |           commit_message: ":toolbox: :construction_worker: updating code"
101 | 


--------------------------------------------------------------------------------
/src/Directive.php:
--------------------------------------------------------------------------------
  1 | <?php
  2 | 
  3 | namespace Mazedlx\FeaturePolicy;
  4 | 
  5 | use Mazedlx\FeaturePolicy\FeatureGroups\DefaultFeatureGroup;
  6 | use Mazedlx\FeaturePolicy\FeatureGroups\DirectiveContract;
  7 | use Mazedlx\FeaturePolicy\FeatureGroups\ProposedFeatureGroup;
  8 | use Mazedlx\FeaturePolicy\Exceptions\UnknownPermissionGroupException;
  9 | 
 10 | abstract class Directive implements DirectiveContract
 11 | {
 12 |     protected array $rules = [];
 13 | 
 14 |     final public const ACCELEROMETER = 'accelerometer';
 15 |     final public const AMBIENT_LIGHT_SENSOR = 'ambient-light-sensor';
 16 |     final public const AUTOPLAY = 'autoplay';
 17 |     final public const BATTERY = 'battery';
 18 |     final public const BLUETOOTH = 'bluetooth';
 19 |     final public const CAMERA = 'camera';
 20 |     final public const CH_UA = 'ch-ua';
 21 |     final public const CH_UA_ARCH = 'ch-ua-arch';
 22 |     final public const CH_UA_BITNESS = 'ch-ua-bitness';
 23 |     final public const CH_UA_FULL_VERSION = 'ch-ua-full-version';
 24 |     final public const CH_UA_FULL_VERSION_LIST = 'ch-ua-full-version-list';
 25 |     final public const CH_UA_MOBILE = 'ch-ua-mobile';
 26 |     final public const CH_UA_MODEL = 'ch-ua-model';
 27 |     final public const CH_UA_PLATFORM = 'ch-ua-platform';
 28 |     final public const CH_UA_PLATFORM_VERSION = 'ch-ua-platform-version';
 29 |     final public const CH_UA_WOW64 = 'ch-ua-wow64';
 30 |     final public const CROSS_ORIGIN_ISOLATED = 'cross-origin-isolated';
 31 |     final public const DISPLAY_CAPTURE = 'display-capture';
 32 | 
 33 |     /** @deprecated formerly in Chrome, behind a flag */
 34 |     final public const DOCUMENT_DOMAIN = 'document-domain';
 35 |     final public const ENCRYPTED_MEDIA = 'encrypted-media';
 36 |     final public const EXECUTION_WHILE_NOT_RENDERED = 'execution-while-not-rendered';
 37 |     final public const EXECUTION_WHILE_OUT_OF_VIEWPORT = 'execution-while-out-of-viewport';
 38 |     final public const FLOC = 'interest-cohort';
 39 |     final public const FULLSCREEN = 'fullscreen';
 40 |     final public const GEOLOCATION = 'geolocation';
 41 |     final public const GYROSCOPE = 'gyroscope';
 42 |     final public const HID = 'hid';
 43 |     final public const IDLE_DETECTION = 'idle-detection';
 44 |     final public const KEYBOARD_MAP = 'keyboard-map';
 45 |     final public const MAGNETOMETER = 'magnetometer';
 46 |     final public const MICROPHONE = 'microphone';
 47 |     final public const MIDI = 'midi';
 48 |     final public const NAVIGATION_OVERRIDE = 'navigation-override';
 49 |     final public const PAYMENT = 'payment';
 50 |     final public const PICTURE_IN_PICTURE = 'picture-in-picture';
 51 |     final public const PUBLICKEY_CREDENTIALS_GET = 'publickey-credentials-get';
 52 |     final public const SCREEN_WAKE_LOCK = 'screen-wake-lock';
 53 |     final public const SERIAL = 'serial';
 54 |     /** @deprecated unknown directive */
 55 |     final public const SPEAKER = 'speaker';
 56 |     final public const SYNC_XHR = 'sync-xhr';
 57 |     final public const USB = 'usb';
 58 |     final public const VR = 'vr'; // after Chrome 79 replaced by xr-spatial-tracking
 59 |     /** @deprecated known as 'screen-wake-rock' */
 60 |     final public const WAKE_LOCK = 'wake-lock';
 61 |     final public const WEB_SHARE = 'web-share';
 62 |     /** @deprecated unknown directive */
 63 |     final public const XR = 'vr';
 64 |     /** @see Implemented in Chrome as vr prior to Chrome 79 */
 65 |     final public const XR_SPATIAL_TRACKING = 'xr-spatial-tracking';
 66 | 
 67 |     public static function make(string $directive, string $type = DefaultFeatureGroup::class): DirectiveContract
 68 |     {
 69 |         return match ($type) {
 70 |             DefaultFeatureGroup::class => DefaultFeatureGroup::directive($directive),
 71 |             ProposedFeatureGroup::class => ProposedFeatureGroup::directive($directive),
 72 |             default => throw new UnknownPermissionGroupException($type),
 73 |         };
 74 |     }
 75 | 
 76 |     public function addRule(string $rule): static
 77 |     {
 78 |         if (in_array($rule, $this->rules, true)) {
 79 |             return $this;
 80 |         }
 81 | 
 82 |         $this->rules[] = $rule;
 83 | 
 84 |         return $this;
 85 |     }
 86 | 
 87 |     public function rules(): array
 88 |     {
 89 |         return $this->rules;
 90 |     }
 91 | 
 92 |     public function note(): string
 93 |     {
 94 |         return '';
 95 |     }
 96 | 
 97 |     public function isDeprecated(): bool
 98 |     {
 99 |         return false;
100 |     }
101 | }
102 | 


--------------------------------------------------------------------------------
/.php-cs-fixer.dist.php:
--------------------------------------------------------------------------------
  1 | <?php
  2 | 
  3 | $finder = PhpCsFixer\Finder::create()
  4 |     ->ignoreDotFiles(false)
  5 |     ->ignoreVCSIgnored(true)
  6 |     ->in([
  7 |         __DIR__ . '/src',
  8 |         __DIR__ . '/tests',
  9 |         __DIR__ . '/config',
 10 |     ]);
 11 | 
 12 | return (new PhpCsFixer\Config())
 13 |     ->setFinder($finder)
 14 |     ->setRules([
 15 |         '@PSR2' => true,
 16 |         'array_syntax' => ['syntax' => 'short'],
 17 |         'combine_consecutive_unsets' => true,
 18 |         'phpdoc_separation' => true,
 19 |         'multiline_whitespace_before_semicolons' => true,
 20 |         'single_quote' => true,
 21 | 
 22 |         'binary_operator_spaces' => [
 23 |             'operators' => [
 24 |                 '=' => 'single_space',
 25 |                 '=>' => 'single_space',
 26 |                 '<>' => 'single_space',
 27 |             ],
 28 |         ],
 29 |         'not_operator_with_successor_space' => true,
 30 |         // 'blank_line_after_opening_tag' => true,
 31 |         // 'blank_line_before_return' => true,
 32 |         'braces' => [
 33 |             'allow_single_line_closure' => true,
 34 |         ],
 35 |         // 'cast_spaces' => true,
 36 |         // 'class_definition' => array('singleLine' => true),
 37 |         'concat_space' => ['spacing' => 'one'],
 38 |         'declare_equal_normalize' => true,
 39 |         'function_typehint_space' => true,
 40 |         'single_line_comment_style' => true,
 41 |         'include' => true,
 42 |         'lowercase_cast' => true,
 43 |         // 'native_function_casing' => true,
 44 |         // 'new_with_braces' => true,
 45 |         // 'no_blank_lines_after_class_opening' => true,
 46 |         // 'no_blank_lines_after_phpdoc' => true,
 47 |         // 'no_empty_comment' => true,
 48 |         // 'no_empty_phpdoc' => true,
 49 |         // 'no_empty_statement' => true,
 50 |         'no_extra_blank_lines' => [
 51 |             'tokens' => [
 52 |                 'curly_brace_block',
 53 |                 'extra',
 54 |                 'parenthesis_brace_block',
 55 |                 'square_brace_block',
 56 |                 'throw',
 57 |                 'use',
 58 |             ],
 59 |         ],
 60 |         // 'no_leading_import_slash' => true,
 61 |         // 'no_leading_namespace_whitespace' => true,
 62 |         // 'no_mixed_echo_print' => array('use' => 'echo'),
 63 |         'no_multiline_whitespace_around_double_arrow' => true,
 64 |         // 'no_short_bool_cast' => true,
 65 |         // 'no_singleline_whitespace_before_semicolons' => true,
 66 |         'no_spaces_around_offset' => true,
 67 |         // 'no_trailing_comma_in_list_call' => true,
 68 |         // 'no_trailing_comma_in_singleline_array' => true,
 69 |         // 'no_unneeded_control_parentheses' => true,
 70 |         'no_unused_imports' => true,
 71 |         'no_whitespace_before_comma_in_array' => true,
 72 |         'no_whitespace_in_blank_line' => true,
 73 |         // 'normalize_index_brace' => true,
 74 |         'object_operator_without_whitespace' => true,
 75 |         // 'php_unit_fqcn_annotation' => true,
 76 |         // 'phpdoc_align' => true,
 77 |         // 'phpdoc_annotation_without_dot' => true,
 78 |         // 'phpdoc_indent' => true,
 79 |         // 'phpdoc_inline_tag' => true,
 80 |         // 'phpdoc_no_access' => true,
 81 |         // 'phpdoc_no_alias_tag' => true,
 82 |         // 'phpdoc_no_empty_return' => true,
 83 |         // 'phpdoc_no_package' => true,
 84 |         // 'phpdoc_no_useless_inheritdoc' => true,
 85 |         // 'phpdoc_return_self_reference' => true,
 86 |         // 'phpdoc_scalar' => true,
 87 |         // 'phpdoc_separation' => true,
 88 |         // 'phpdoc_single_line_var_spacing' => true,
 89 |         // 'phpdoc_summary' => true,
 90 |         // 'phpdoc_to_comment' => true,
 91 |         // 'phpdoc_trim' => true,
 92 |         // 'phpdoc_types' => true,
 93 |         // 'phpdoc_var_without_name' => true,
 94 |         // 'pre_increment' => true,
 95 |         // 'return_type_declaration' => true,
 96 |         // 'self_accessor' => true,
 97 |         // 'short_scalar_cast' => true,
 98 |         'single_blank_line_before_namespace' => true,
 99 |         // 'single_class_element_per_statement' => true,
100 |         // 'space_after_semicolon' => true,
101 |         // 'standardize_not_equals' => true,
102 |         'ternary_operator_spaces' => true,
103 |         'trailing_comma_in_multiline' => true,
104 |         'trim_array_spaces' => true,
105 |         'unary_operator_spaces' => true,
106 |         'whitespace_after_comma_in_array' => true,
107 |     ])
108 |     //->setIndent("\t")
109 |     ->setLineEnding("\n");
110 | 


--------------------------------------------------------------------------------
/src/FeatureGroups/ProposedFeatureGroup.php:
--------------------------------------------------------------------------------
  1 | <?php
  2 | 
  3 | declare(strict_types=1);
  4 | 
  5 | namespace Mazedlx\FeaturePolicy\FeatureGroups;
  6 | 
  7 | use Mazedlx\FeaturePolicy\Directive;
  8 | use Mazedlx\FeaturePolicy\Exceptions\DisabledFeatureGroupException;
  9 | use Mazedlx\FeaturePolicy\Exceptions\UnsupportedPermissionException;
 10 | 
 11 | final class ProposedFeatureGroup implements FeatureGroupContract
 12 | {
 13 |     public const CLIPBOARD_READ = 'clipboard-read';
 14 |     public const CLIPBOARD_WRITE = 'clipboard-write';
 15 |     public const GAMEPAD = 'gamepad';
 16 |     public const SHARED_AUTOFILL = 'shared-autofill';
 17 |     public const SPEAKER_SELECTION = 'speaker-selection';
 18 | 
 19 |     public static function directive(string $directive): DirectiveContract
 20 |     {
 21 |         throw_unless(config('feature-policy.directives.proposal'), new DisabledFeatureGroupException($directive));
 22 | 
 23 |         return match ($directive) {
 24 |             self::CLIPBOARD_READ => new class extends Directive {
 25 |                 public function name(): string
 26 |                 {
 27 |                     return ProposedFeatureGroup::CLIPBOARD_READ;
 28 |                 }
 29 | 
 30 |                 public function specificationName(): string
 31 |                 {
 32 |                     return 'w3c/clipboard-apis#120';
 33 |                 }
 34 | 
 35 |                 public function specificationUrl(): string
 36 |                 {
 37 |                     return 'https://github.com/w3c/clipboard-apis/pull/120';
 38 |                 }
 39 | 
 40 |                 public function browserSupport(): string
 41 |                 {
 42 |                     return 'Chrome 86';
 43 |                 }
 44 | 
 45 |                 public function browserSupportUrl(): string
 46 |                 {
 47 |                     return '';
 48 |                 }
 49 |             },
 50 |             self::CLIPBOARD_WRITE => new class extends Directive {
 51 |                 public function name(): string
 52 |                 {
 53 |                     return ProposedFeatureGroup::CLIPBOARD_WRITE;
 54 |                 }
 55 | 
 56 |                 public function specificationName(): string
 57 |                 {
 58 |                     return 'w3c/clipboard-apis#120';
 59 |                 }
 60 | 
 61 |                 public function specificationUrl(): string
 62 |                 {
 63 |                     return 'https://github.com/w3c/clipboard-apis/pull/120';
 64 |                 }
 65 | 
 66 |                 public function browserSupport(): string
 67 |                 {
 68 |                     return 'Chrome 86';
 69 |                 }
 70 | 
 71 |                 public function browserSupportUrl(): string
 72 |                 {
 73 |                     return '';
 74 |                 }
 75 |             },
 76 |             self::GAMEPAD => new class extends Directive {
 77 |                 public function name(): string
 78 |                 {
 79 |                     return ProposedFeatureGroup::GAMEPAD;
 80 |                 }
 81 | 
 82 |                 public function specificationName(): string
 83 |                 {
 84 |                     return 'w3c/gamepad#112';
 85 |                 }
 86 | 
 87 |                 public function specificationUrl(): string
 88 |                 {
 89 |                     return 'https://github.com/w3c/gamepad/pull/112';
 90 |                 }
 91 | 
 92 |                 public function browserSupport(): string
 93 |                 {
 94 |                     return '';
 95 |                 }
 96 | 
 97 |                 public function browserSupportUrl(): string
 98 |                 {
 99 |                     return '';
100 |                 }
101 |             },
102 |             self::SHARED_AUTOFILL => new class extends Directive {
103 |                 public function name(): string
104 |                 {
105 |                     return ProposedFeatureGroup::SHARED_AUTOFILL;
106 |                 }
107 | 
108 |                 public function specificationName(): string
109 |                 {
110 |                     return 'https://github.com/schwering/shared-autofill';
111 |                 }
112 | 
113 |                 public function specificationUrl(): string
114 |                 {
115 |                     return 'https://github.com/schwering/shared-autofill';
116 |                 }
117 | 
118 |                 public function browserSupport(): string
119 |                 {
120 |                     return '';
121 |                 }
122 | 
123 |                 public function browserSupportUrl(): string
124 |                 {
125 |                     return '';
126 |                 }
127 |             },
128 |             self::SPEAKER_SELECTION => new class extends Directive {
129 |                 public function name(): string
130 |                 {
131 |                     return ProposedFeatureGroup::SPEAKER_SELECTION;
132 |                 }
133 | 
134 |                 public function specificationName(): string
135 |                 {
136 |                     return 'w3c/mediacapture-output#96';
137 |                 }
138 | 
139 |                 public function specificationUrl(): string
140 |                 {
141 |                     return 'https://github.com/w3c/mediacapture-output/pull/96';
142 |                 }
143 | 
144 |                 public function browserSupport(): string
145 |                 {
146 |                     return '';
147 |                 }
148 | 
149 |                 public function browserSupportUrl(): string
150 |                 {
151 |                     return '';
152 |                 }
153 |             },
154 |             default => throw new UnsupportedPermissionException($directive),
155 |         };
156 |     }
157 | }
158 | 


--------------------------------------------------------------------------------
/CODE_OF_CONDUCT.md:
--------------------------------------------------------------------------------
  1 | # Contributor Covenant Code of Conduct
  2 | 
  3 | ## Our Pledge
  4 | 
  5 | We as members, contributors, and leaders pledge to make participation in our
  6 | community a harassment-free experience for everyone, regardless of age, body
  7 | size, visible or invisible disability, ethnicity, sex characteristics, gender
  8 | identity and expression, level of experience, education, socio-economic status,
  9 | nationality, personal appearance, race, religion, or sexual identity
 10 | and orientation.
 11 | 
 12 | We pledge to act and interact in ways that contribute to an open, welcoming,
 13 | diverse, inclusive, and healthy community.
 14 | 
 15 | ## Our Standards
 16 | 
 17 | Examples of behavior that contributes to a positive environment for our
 18 | community include:
 19 | 
 20 | * Demonstrating empathy and kindness toward other people
 21 | * Being respectful of differing opinions, viewpoints, and experiences
 22 | * Giving and gracefully accepting constructive feedback
 23 | * Accepting responsibility and apologizing to those affected by our mistakes,
 24 |   and learning from the experience
 25 | * Focusing on what is best not just for us as individuals, but for the
 26 |   overall community
 27 | 
 28 | Examples of unacceptable behavior include:
 29 | 
 30 | * The use of sexualized language or imagery, and sexual attention or
 31 |   advances of any kind
 32 | * Trolling, insulting or derogatory comments, and personal or political attacks
 33 | * Public or private harassment
 34 | * Publishing others' private information, such as a physical or email
 35 |   address, without their explicit permission
 36 | * Other conduct which could reasonably be considered inappropriate in a
 37 |   professional setting
 38 | 
 39 | ## Enforcement Responsibilities
 40 | 
 41 | Community leaders are responsible for clarifying and enforcing our standards of
 42 | acceptable behavior and will take appropriate and fair corrective action in
 43 | response to any behavior that they deem inappropriate, threatening, offensive,
 44 | or harmful.
 45 | 
 46 | Community leaders have the right and responsibility to remove, edit, or reject
 47 | comments, commits, code, wiki edits, issues, and other contributions that are
 48 | not aligned to this Code of Conduct, and will communicate reasons for moderation
 49 | decisions when appropriate.
 50 | 
 51 | ## Scope
 52 | 
 53 | This Code of Conduct applies within all community spaces, and also applies when
 54 | an individual is officially representing the community in public spaces.
 55 | Examples of representing our community include using an official e-mail address,
 56 | posting via an official social media account, or acting as an appointed
 57 | representative at an online or offline event.
 58 | 
 59 | ## Enforcement
 60 | 
 61 | Instances of abusive, harassing, or otherwise unacceptable behavior may be
 62 | reported to the community leaders responsible for enforcement at
 63 | mazedlx@gmail.com.
 64 | All complaints will be reviewed and investigated promptly and fairly.
 65 | 
 66 | All community leaders are obligated to respect the privacy and security of the
 67 | reporter of any incident.
 68 | 
 69 | ## Enforcement Guidelines
 70 | 
 71 | Community leaders will follow these Community Impact Guidelines in determining
 72 | the consequences for any action they deem in violation of this Code of Conduct:
 73 | 
 74 | ### 1. Correction
 75 | 
 76 | **Community Impact**: Use of inappropriate language or other behavior deemed
 77 | unprofessional or unwelcome in the community.
 78 | 
 79 | **Consequence**: A private, written warning from community leaders, providing
 80 | clarity around the nature of the violation and an explanation of why the
 81 | behavior was inappropriate. A public apology may be requested.
 82 | 
 83 | ### 2. Warning
 84 | 
 85 | **Community Impact**: A violation through a single incident or series
 86 | of actions.
 87 | 
 88 | **Consequence**: A warning with consequences for continued behavior. No
 89 | interaction with the people involved, including unsolicited interaction with
 90 | those enforcing the Code of Conduct, for a specified period of time. This
 91 | includes avoiding interactions in community spaces as well as external channels
 92 | like social media. Violating these terms may lead to a temporary or
 93 | permanent ban.
 94 | 
 95 | ### 3. Temporary Ban
 96 | 
 97 | **Community Impact**: A serious violation of community standards, including
 98 | sustained inappropriate behavior.
 99 | 
100 | **Consequence**: A temporary ban from any sort of interaction or public
101 | communication with the community for a specified period of time. No public or
102 | private interaction with the people involved, including unsolicited interaction
103 | with those enforcing the Code of Conduct, is allowed during this period.
104 | Violating these terms may lead to a permanent ban.
105 | 
106 | ### 4. Permanent Ban
107 | 
108 | **Community Impact**: Demonstrating a pattern of violation of community
109 | standards, including sustained inappropriate behavior,  harassment of an
110 | individual, or aggression toward or disparagement of classes of individuals.
111 | 
112 | **Consequence**: A permanent ban from any sort of public interaction within
113 | the community.
114 | 
115 | ## Attribution
116 | 
117 | This Code of Conduct is adapted from the [Contributor Covenant][homepage],
118 | version 2.0, available at
119 | https://www.contributor-covenant.org/version/2/0/code_of_conduct.html.
120 | 
121 | Community Impact Guidelines were inspired by [Mozilla's code of conduct
122 | enforcement ladder](https://github.com/mozilla/diversity).
123 | 
124 | [homepage]: https://www.contributor-covenant.org
125 | 
126 | For answers to common questions about this code of conduct, see the FAQ at
127 | https://www.contributor-covenant.org/faq. Translations are available at
128 | https://www.contributor-covenant.org/translations.
129 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
  1 | # Configure the browsers abilities
  2 | 
  3 | [![Latest Version on Packagist](https://img.shields.io/packagist/v/mazedlx/laravel-feature-policy.svg?style=flat-square)](https://packagist.org/packages/mazedlx/laravel-feature.policy)
  4 | [![Tests](https://github.com/mazedlx/laravel-feature-policy/actions/workflows/test.yml/badge.svg)](https://github.com/mazedlx/laravel-feature-policy/actions/workflows/test.yml)
  5 | [![Analyse and format](https://github.com/mazedlx/laravel-feature-policy/actions/workflows/code-quality.yml/badge.svg)](https://github.com/mazedlx/laravel-feature-policy/actions/workflows/code-quality.yml)
  6 | [![Total Downloads](https://img.shields.io/packagist/dt/mazedlx/laravel-feature-policy.svg?style=flat-square)](https://packagist.org/packages/mazedlx/laravel-feature-policy)
  7 | 
  8 | 
  9 | The Permissions-Policy, which [previously](https://docs.w3cub.com/http/headers/feature-policy) was known as the Feature-Policy.
 10 | But since it came out of draft, it was renamed to "Permissions-Policy".  
 11 | The "Permissions-Policy" is an HTTP header which can be used to restrict the abilities of a browser.
 12 | 
 13 | Where the Content-Security-Policy focuses on security, the "Permissions-Policy" focuses on allowing or disabling the abilities of the browser.  
 14 | This can be done though the HTTP header, which this package focuses on, but it can also do this through the `allows` attribute on the `iframe` element.
 15 | 
 16 | <details>
 17 | <summary>iframe example</summary>
 18 | 
 19 | ```html
 20 | <iframe width="643" height="360" frameborder="0" allow="autoplay; fullscreen" allowfullscreen></iframe>
 21 | ```
 22 | 
 23 | </details>
 24 | 
 25 | More on the header itself can be found on the following sites.
 26 | - [Feature Policy | Smashing Magazine](https://www.smashingmagazine.com/2018/12/feature-policy/)
 27 | - [Feature Policy | Google Developers](https://developer.chrome.com/blog/feature-policy/)
 28 | - [W3C](https://www.w3.org/TR/permissions-policy/)
 29 | 
 30 | ## Installation
 31 | 
 32 | **Laravel 10 users should use v2.0 or newer, otherwise stick to v1.3**
 33 | 
 34 | The package can be installed though composer:
 35 | ```bash
 36 | $ composer require mazedlx/laravel-feature-policy
 37 | ```
 38 | After which the config file needs to be published:
 39 | ```bash
 40 | $ php artisan vendor:publish --provider="Mazedlx\FeaturePolicy\FeaturePolicyServiceProvider" --tag="config"
 41 | ```
 42 | 
 43 | Which looks like this:
 44 | <details>
 45 | <summary>Config file</summary>
 46 | 
 47 | ```php
 48 | <?php
 49 | 
 50 | return [
 51 |     /*
 52 |      * A policy will determine which "Permissions-Policy" headers will be set.
 53 |      * A valid policy extends `Mazedlx\FeaturePolicy\Policies\Policy`
 54 |      */
 55 |     'policy' => Mazedlx\FeaturePolicy\Policies\Basic::class,
 56 | 
 57 |     /*
 58 |      * "Feature-Policy" headers will only be added if this is set to true
 59 |      */
 60 |     'enabled' => env('FPH_ENABLED', true),
 61 | ];
 62 | ```
 63 | </details>
 64 | 
 65 | ## Middleware
 66 | 
 67 | You can add "Feature-Policy" headers to all responses by registering `Mazedlx\FeaturePolicy\AddFeaturePolicyHeaders::class` in the HTTP kernel:
 68 | <details>
 69 | <summary>Middleware example</summary>
 70 | 
 71 | ```php
 72 | // app/Http/Kernel.php
 73 | 
 74 | ...
 75 | 
 76 | protected $middlewareGroups = [
 77 |     'web' => [
 78 |         ...
 79 |         \Mazedlx\FeaturePolicy\AddFeaturePolicyHeaders::class,
 80 |     ]
 81 | ];
 82 | ```
 83 | </details>
 84 | 
 85 | Alternatively you can add the middleware to a single route and route group:
 86 | <details>
 87 | <summary>Route example</summary>
 88 | 
 89 | ```php
 90 | // in a routes file
 91 | use App\Http\Controllers\HomeController;
 92 | use Mazedlx\FeaturePolicy\AddFeaturePolicyHeaders;
 93 | 
 94 | Route::get('/home', HomeController::class)
 95 |     ->middleware(AddFeaturePolicyHeaders::class);
 96 | ```
 97 | 
 98 | You could even pass a policy as a parameter and override the policy specified in the config file:
 99 | 
100 | ```php
101 | // in a routes file
102 | use App\Http\Controllers\HomeController;
103 | use Mazedlx\FeaturePolicy\AddFeaturePolicyHeaders;
104 | 
105 | Route::get('/home', HomeController::class)
106 |     ->middleware(AddFeaturePolicyHeaders::class . ':' . MyFeaturePolicy::class);
107 | ```
108 | </details>
109 | 
110 | ## Usage
111 | 
112 | This package allows you to configure the policies that end up in the "Permissions-Policy" header. 
113 | 
114 | This policy determines which directives will be set in the "Permissions-Policy" header of the response.
115 | 
116 | It uses the following syntax;
117 | ```text
118 | Feature-Policy: <directive> <allowlist>
119 | ```
120 | 
121 | An example of a "Permissions-Policy" directive is `microphone`:
122 | 
123 | `Permissions-Policy: microphone=(self "https://spatie.be")`
124 | 
125 | In the above example by specifying `microphone` and allowing it for `self` makes the permission disabled for all origins except our own and https://spatie.be.
126 | 
127 | The current list of directives can be found [here](https://github.com/w3c/webappsec-permissions-policy/blob/main/features.md).
128 | Some of these are:
129 | - accelerometer
130 | - ambient-light-sensor
131 | - autoplay
132 | - camera
133 | - encrypted-media
134 | - fullscreen
135 | - geolocation
136 | - gyroscope
137 | - magnetometer
138 | - microphone
139 | - midi
140 | - payment
141 | - picture-in-picture
142 | - speaker
143 | - usb
144 | - vr
145 | 
146 | You can add multiple policy options as an array or as a single string with space-separated options:
147 | 
148 | ```php
149 | // in a policy
150 | ...
151 |     ->addDirective(Directive::CAMERA, [
152 |         Value::SELF,
153 |         'spatie.be',
154 |     ])
155 |     ->addDirective(Directive::GYROSCOPE, 'self spatie.be')
156 | ...
157 | ```
158 | 
159 | ## Creating Policies
160 | 
161 | The `policy` key of the `feature-policy` config file is set to `Mazedlx\FeaturePolicy\Policies\Basic::class` by default, which allows your site to use a few of the available features. The class looks like this:
162 | 
163 | <details>
164 | <summary>Basic policy</summary>
165 | 
166 | ```php
167 | <?php
168 | 
169 | namespace Mazedlx\FeaturePolicy\Policies;
170 | 
171 | use Mazedlx\FeaturePolicy\Value;
172 | use Mazedlx\FeaturePolicy\Directive;
173 | 
174 | class Basic extends Policy
175 | {
176 |     public function configure()
177 |     {
178 |         $this->addDirective(Directive::GEOLOCATION, Value::SELF)
179 |             ->addDirective(Directive::FULLSCREEN, Value::SELF);
180 |     }
181 | }
182 | ```
183 | 
184 | </details>
185 | 
186 | Let's say you're happy with allowing `geolocation` and `fullscreen` but also wanted to add `www.awesomesite.com` to gain access to this feature, then you can easily extend the class:
187 | 
188 | <details>
189 | <summary>MyFeature policy</summary>
190 | 
191 | ```php
192 | <?php
193 | 
194 | namespace App\Services\FeaturePolicy\Policies;
195 | 
196 | use Mazedlx\FeaturePolicy\Directive;
197 | use Mazedlx\FeaturePolicy\Policies\Basic;
198 | 
199 | class MyFeaturePolicy extends Basic
200 | {
201 |     public function configure()
202 |     {
203 |         parent::configure();
204 | 
205 |         $this->addDirective(Directive::GEOLOCATION, 'www.awesomesite.com')
206 |             ->addDirective(Directive::FULLSCREEN, 'www.awesomesite.com');
207 |     }
208 | }
209 | ```
210 | </details>
211 | 
212 | Don't forget to change the `policy` key in the `feature-policy` config file to the class name fo your policy (e.g. `App\Services\Policies\MyFeaturePolicy`).
213 | 
214 | ## Testing
215 | 
216 | You can run all tests with:
217 | 
218 | ```bash
219 | $ composer test
220 | ```
221 | 
222 | ## Changelog
223 | Please see [CHANGELOG](https://github.com/mazedlx/laravel-feature-policy/blob/main/CHANGELOG.md) for more information what has changed recently.
224 | 
225 | ## Contributing
226 | Please see [CONTRIBUTING](https://github.com/mazedlx/laravel-feature-policy/blob/main/CONTRIBUTING.md) for details.
227 | 
228 | ## Contributers
229 | <a href="https://github.com/mazedlx/laravel-feature-policy/graphs/contributors">
230 |   <img src="https://contrib.rocks/image?repo=mazedlx/laravel-feature-policy" />
231 | </a>
232 | 
233 | Made with [contrib.rocks](https://contrib.rocks).
234 | 
235 | ## Security
236 | If you discover any security related issues please email mazedlx@gmail.com instead of using the issue tracker.
237 | 
238 | ## Credits
239 | This package is strongly inspired by [Spatie](https://spatie.be) [laravel-csp](https://github.com/spatie/laravel-csp) package.
240 | Thanks to Freek van der Herten and Thomas Verhelst for creating such an awesome package and doing all the heavy lifting!
241 | 
242 | - [Freek van der Herten](https://github.com/freekmurze)
243 | - [Thomas Verhelst](https://github.com/TVke)
244 | 
245 | ## Support
246 | If you like this package please feel free to star it.
247 | 
248 | ## License
249 | The MIT License (MIT). Please see [LICENSE](https://github.com/mazedlx/laravel-feature-policy/blob/main/LICENSE.md) for more information.
250 | 


--------------------------------------------------------------------------------
/src/FeatureGroups/DefaultFeatureGroup.php:
--------------------------------------------------------------------------------
   1 | <?php
   2 | 
   3 | declare(strict_types=1);
   4 | 
   5 | namespace Mazedlx\FeaturePolicy\FeatureGroups;
   6 | 
   7 | use Mazedlx\FeaturePolicy\Directive;
   8 | use Mazedlx\FeaturePolicy\Exceptions\UnsupportedPermissionException;
   9 | use Mazedlx\FeaturePolicy\Value;
  10 | 
  11 | final class DefaultFeatureGroup implements FeatureGroupContract
  12 | {
  13 |     public static function directive(string $directive): DirectiveContract
  14 |     {
  15 |         return match ($directive) {
  16 |             Directive::ACCELEROMETER => new class extends Directive {
  17 |                 public function name(): string
  18 |                 {
  19 |                     return Directive::ACCELEROMETER;
  20 |                 }
  21 | 
  22 |                 public function specificationName(): string
  23 |                 {
  24 |                     return 'Generic Sensor API';
  25 |                 }
  26 | 
  27 |                 public function specificationUrl(): string
  28 |                 {
  29 |                     return 'https://www.w3.org/TR/generic-sensor/#feature-policy';
  30 |                 }
  31 | 
  32 |                 public function browserSupport(): string
  33 |                 {
  34 |                     return 'Chrome 66';
  35 |                 }
  36 | 
  37 |                 public function browserSupportUrl(): string
  38 |                 {
  39 |                     return 'https://www.chromestatus.com/feature/5758486868656128';
  40 |                 }
  41 |             },
  42 |             Directive::AMBIENT_LIGHT_SENSOR => new class extends Directive {
  43 |                 public function name(): string
  44 |                 {
  45 |                     return Directive::AMBIENT_LIGHT_SENSOR;
  46 |                 }
  47 | 
  48 |                 public function specificationName(): string
  49 |                 {
  50 |                     return 'Generic Sensor API';
  51 |                 }
  52 | 
  53 |                 public function specificationUrl(): string
  54 |                 {
  55 |                     return 'https://www.w3.org/TR/generic-sensor/#feature-policy';
  56 |                 }
  57 | 
  58 |                 public function browserSupport(): string
  59 |                 {
  60 |                     return 'Chrome 66';
  61 |                 }
  62 | 
  63 |                 public function browserSupportUrl(): string
  64 |                 {
  65 |                     return 'https://www.chromestatus.com/feature/5758486868656128';
  66 |                 }
  67 |             },
  68 |             Directive::AUTOPLAY => new class extends Directive {
  69 |                 public function name(): string
  70 |                 {
  71 |                     return Directive::AUTOPLAY;
  72 |                 }
  73 | 
  74 |                 public function specificationName(): string
  75 |                 {
  76 |                     return 'HTML';
  77 |                 }
  78 | 
  79 |                 public function specificationUrl(): string
  80 |                 {
  81 |                     return 'https://html.spec.whatwg.org/multipage/infrastructure.html#policy-controlled-features';
  82 |                 }
  83 | 
  84 |                 public function browserSupport(): string
  85 |                 {
  86 |                     return 'Chrome 64';
  87 |                 }
  88 | 
  89 |                 public function browserSupportUrl(): string
  90 |                 {
  91 |                     return 'https://www.chromestatus.com/feature/5100524789563392';
  92 |                 }
  93 |             },
  94 |             Directive::BATTERY => new class extends Directive {
  95 |                 public function name(): string
  96 |                 {
  97 |                     return Directive::BATTERY;
  98 |                 }
  99 | 
 100 |                 public function specificationName(): string
 101 |                 {
 102 |                     return 'Battery Status API';
 103 |                 }
 104 | 
 105 |                 public function specificationUrl(): string
 106 |                 {
 107 |                     return 'https://w3c.github.io/battery/#permissions-policy-integration';
 108 |                 }
 109 | 
 110 |                 public function browserSupport(): string
 111 |                 {
 112 |                     return 'Chrome - Open';
 113 |                 }
 114 | 
 115 |                 public function browserSupportUrl(): string
 116 |                 {
 117 |                     return 'https://bugs.chromium.org/p/chromium/issues/detail?id=1007264';
 118 |                 }
 119 |             },
 120 |             Directive::BLUETOOTH => new class extends Directive {
 121 |                 public function name(): string
 122 |                 {
 123 |                     return Directive::BLUETOOTH;
 124 |                 }
 125 | 
 126 |                 public function specificationName(): string
 127 |                 {
 128 |                     return 'Web Bluetooth';
 129 |                 }
 130 | 
 131 |                 public function specificationUrl(): string
 132 |                 {
 133 |                     return 'https://webbluetoothcg.github.io/web-bluetooth/#permissions-policy';
 134 |                 }
 135 | 
 136 |                 public function browserSupport(): string
 137 |                 {
 138 |                     return 'Chrome 104';
 139 |                 }
 140 | 
 141 |                 public function browserSupportUrl(): string
 142 |                 {
 143 |                     return 'https://chromestatus.com/feature/6439287120723968';
 144 |                 }
 145 |             },
 146 |             Directive::CAMERA => new class extends Directive {
 147 |                 public function name(): string
 148 |                 {
 149 |                     return Directive::CAMERA;
 150 |                 }
 151 | 
 152 |                 public function specificationName(): string
 153 |                 {
 154 |                     return 'Media Capture';
 155 |                 }
 156 | 
 157 |                 public function specificationUrl(): string
 158 |                 {
 159 |                     return 'https://w3c.github.io/mediacapture-main/#permissions-policy-integration';
 160 |                 }
 161 | 
 162 |                 public function browserSupport(): string
 163 |                 {
 164 |                     return 'Chrome 64';
 165 |                 }
 166 | 
 167 |                 public function browserSupportUrl(): string
 168 |                 {
 169 |                     return 'https://www.chromestatus.com/feature/5023919287304192';
 170 |                 }
 171 |             },
 172 |             Directive::CH_UA => new class extends Directive {
 173 |                 public function name(): string
 174 |                 {
 175 |                     return Directive::CH_UA;
 176 |                 }
 177 | 
 178 |                 public function specificationName(): string
 179 |                 {
 180 |                     return 'User-Agent Client Hints';
 181 |                 }
 182 | 
 183 |                 public function specificationUrl(): string
 184 |                 {
 185 |                     return 'https://wicg.github.io/ua-client-hints/';
 186 |                 }
 187 | 
 188 |                 public function browserSupport(): string
 189 |                 {
 190 |                     return 'Chrome 89';
 191 |                 }
 192 | 
 193 |                 public function browserSupportUrl(): string
 194 |                 {
 195 |                     return 'https://chromestatus.com/feature/5995832180473856';
 196 |                 }
 197 |             },
 198 |             Directive::CH_UA_ARCH => new class extends Directive {
 199 |                 public function name(): string
 200 |                 {
 201 |                     return Directive::CH_UA_ARCH;
 202 |                 }
 203 | 
 204 |                 public function specificationName(): string
 205 |                 {
 206 |                     return 'User-Agent Client Hints';
 207 |                 }
 208 | 
 209 |                 public function specificationUrl(): string
 210 |                 {
 211 |                     return 'https://wicg.github.io/ua-client-hints/';
 212 |                 }
 213 | 
 214 |                 public function browserSupport(): string
 215 |                 {
 216 |                     return 'Chrome 89';
 217 |                 }
 218 | 
 219 |                 public function browserSupportUrl(): string
 220 |                 {
 221 |                     return 'https://chromestatus.com/feature/5995832180473856';
 222 |                 }
 223 |             },
 224 |             Directive::CH_UA_BITNESS => new class extends Directive {
 225 |                 public function name(): string
 226 |                 {
 227 |                     return Directive::CH_UA_BITNESS;
 228 |                 }
 229 | 
 230 |                 public function specificationName(): string
 231 |                 {
 232 |                     return 'User-Agent Client Hints';
 233 |                 }
 234 | 
 235 |                 public function specificationUrl(): string
 236 |                 {
 237 |                     return 'https://wicg.github.io/ua-client-hints/';
 238 |                 }
 239 | 
 240 |                 public function browserSupport(): string
 241 |                 {
 242 |                     return 'Chrome 89';
 243 |                 }
 244 | 
 245 |                 public function browserSupportUrl(): string
 246 |                 {
 247 |                     return 'https://chromestatus.com/feature/5995832180473856';
 248 |                 }
 249 |             },
 250 |             Directive::CH_UA_FULL_VERSION => new class extends Directive {
 251 |                 public function name(): string
 252 |                 {
 253 |                     return Directive::CH_UA_FULL_VERSION;
 254 |                 }
 255 | 
 256 |                 public function specificationName(): string
 257 |                 {
 258 |                     return 'User-Agent Client Hints';
 259 |                 }
 260 | 
 261 |                 public function specificationUrl(): string
 262 |                 {
 263 |                     return 'https://wicg.github.io/ua-client-hints/';
 264 |                 }
 265 | 
 266 |                 public function browserSupport(): string
 267 |                 {
 268 |                     return 'Chrome 89';
 269 |                 }
 270 | 
 271 |                 public function browserSupportUrl(): string
 272 |                 {
 273 |                     return 'https://chromestatus.com/feature/5995832180473856';
 274 |                 }
 275 |             },
 276 |             Directive::CH_UA_FULL_VERSION_LIST => new class extends Directive {
 277 |                 public function name(): string
 278 |                 {
 279 |                     return Directive::CH_UA_FULL_VERSION_LIST;
 280 |                 }
 281 | 
 282 |                 public function specificationName(): string
 283 |                 {
 284 |                     return 'User-Agent Client Hints';
 285 |                 }
 286 | 
 287 |                 public function specificationUrl(): string
 288 |                 {
 289 |                     return 'https://wicg.github.io/ua-client-hints/';
 290 |                 }
 291 | 
 292 |                 public function browserSupport(): string
 293 |                 {
 294 |                     return 'Chrome 89';
 295 |                 }
 296 | 
 297 |                 public function browserSupportUrl(): string
 298 |                 {
 299 |                     return 'https://chromestatus.com/feature/5995832180473856';
 300 |                 }
 301 |             },
 302 |             Directive::CH_UA_MOBILE => new class extends Directive {
 303 |                 public function name(): string
 304 |                 {
 305 |                     return Directive::CH_UA_MOBILE;
 306 |                 }
 307 | 
 308 |                 public function specificationName(): string
 309 |                 {
 310 |                     return 'User-Agent Client Hints';
 311 |                 }
 312 | 
 313 |                 public function specificationUrl(): string
 314 |                 {
 315 |                     return 'https://wicg.github.io/ua-client-hints/';
 316 |                 }
 317 | 
 318 |                 public function browserSupport(): string
 319 |                 {
 320 |                     return 'Chrome 89';
 321 |                 }
 322 | 
 323 |                 public function browserSupportUrl(): string
 324 |                 {
 325 |                     return 'https://chromestatus.com/feature/5995832180473856';
 326 |                 }
 327 |             },
 328 |             Directive::CH_UA_MODEL => new class extends Directive {
 329 |                 public function name(): string
 330 |                 {
 331 |                     return Directive::CH_UA_MODEL;
 332 |                 }
 333 | 
 334 |                 public function specificationName(): string
 335 |                 {
 336 |                     return 'User-Agent Client Hints';
 337 |                 }
 338 | 
 339 |                 public function specificationUrl(): string
 340 |                 {
 341 |                     return 'https://wicg.github.io/ua-client-hints/';
 342 |                 }
 343 | 
 344 |                 public function browserSupport(): string
 345 |                 {
 346 |                     return 'Chrome 89';
 347 |                 }
 348 | 
 349 |                 public function browserSupportUrl(): string
 350 |                 {
 351 |                     return 'https://chromestatus.com/feature/5995832180473856';
 352 |                 }
 353 |             },
 354 |             Directive::CH_UA_PLATFORM => new class extends Directive {
 355 |                 public function name(): string
 356 |                 {
 357 |                     return Directive::CH_UA_PLATFORM;
 358 |                 }
 359 | 
 360 |                 public function specificationName(): string
 361 |                 {
 362 |                     return 'User-Agent Client Hints';
 363 |                 }
 364 | 
 365 |                 public function specificationUrl(): string
 366 |                 {
 367 |                     return 'https://wicg.github.io/ua-client-hints/';
 368 |                 }
 369 | 
 370 |                 public function browserSupport(): string
 371 |                 {
 372 |                     return 'Chrome 89';
 373 |                 }
 374 | 
 375 |                 public function browserSupportUrl(): string
 376 |                 {
 377 |                     return 'https://chromestatus.com/feature/5995832180473856';
 378 |                 }
 379 |             },
 380 |             Directive::CH_UA_PLATFORM_VERSION => new class extends Directive {
 381 |                 public function name(): string
 382 |                 {
 383 |                     return Directive::CH_UA_PLATFORM_VERSION;
 384 |                 }
 385 | 
 386 |                 public function specificationName(): string
 387 |                 {
 388 |                     return 'User-Agent Client Hints';
 389 |                 }
 390 | 
 391 |                 public function specificationUrl(): string
 392 |                 {
 393 |                     return 'https://wicg.github.io/ua-client-hints/';
 394 |                 }
 395 | 
 396 |                 public function browserSupport(): string
 397 |                 {
 398 |                     return 'Chrome 89';
 399 |                 }
 400 | 
 401 |                 public function browserSupportUrl(): string
 402 |                 {
 403 |                     return 'https://chromestatus.com/feature/5995832180473856';
 404 |                 }
 405 |             },
 406 |             Directive::CH_UA_WOW64 => new class extends Directive {
 407 |                 public function name(): string
 408 |                 {
 409 |                     return Directive::CH_UA_WOW64;
 410 |                 }
 411 | 
 412 |                 public function specificationName(): string
 413 |                 {
 414 |                     return 'User-Agent Client Hints';
 415 |                 }
 416 | 
 417 |                 public function specificationUrl(): string
 418 |                 {
 419 |                     return 'https://wicg.github.io/ua-client-hints/';
 420 |                 }
 421 | 
 422 |                 public function browserSupport(): string
 423 |                 {
 424 |                     return 'Chrome 89';
 425 |                 }
 426 | 
 427 |                 public function browserSupportUrl(): string
 428 |                 {
 429 |                     return 'https://chromestatus.com/feature/5995832180473856';
 430 |                 }
 431 |             },
 432 |             Directive::CROSS_ORIGIN_ISOLATED => new class extends Directive {
 433 |                 public function name(): string
 434 |                 {
 435 |                     return Directive::CROSS_ORIGIN_ISOLATED;
 436 |                 }
 437 | 
 438 |                 public function specificationName(): string
 439 |                 {
 440 |                     return 'HTML';
 441 |                 }
 442 | 
 443 |                 public function specificationUrl(): string
 444 |                 {
 445 |                     return 'https://html.spec.whatwg.org/multipage/infrastructure.html#policy-controlled-features';
 446 |                 }
 447 | 
 448 |                 public function browserSupport(): string
 449 |                 {
 450 |                     return 'Experimental in Chrome 85';
 451 |                 }
 452 | 
 453 |                 public function browserSupportUrl(): string
 454 |                 {
 455 |                     return '';
 456 |                 }
 457 |             },
 458 |             Directive::DISPLAY_CAPTURE => new class extends Directive {
 459 |                 public function name(): string
 460 |                 {
 461 |                     return Directive::DISPLAY_CAPTURE;
 462 |                 }
 463 | 
 464 |                 public function specificationName(): string
 465 |                 {
 466 |                     return 'Media Capture: Screen Share';
 467 |                 }
 468 | 
 469 |                 public function specificationUrl(): string
 470 |                 {
 471 |                     return 'https://w3c.github.io/mediacapture-screen-share/#permissions-policy-integration';
 472 |                 }
 473 | 
 474 |                 public function browserSupport(): string
 475 |                 {
 476 |                     return 'Chrome 94';
 477 |                 }
 478 | 
 479 |                 public function browserSupportUrl(): string
 480 |                 {
 481 |                     return 'https://chromestatus.com/feature/5144822362931200';
 482 |                 }
 483 |             },
 484 |             Directive::DOCUMENT_DOMAIN => new class extends Directive {
 485 |                 public function name(): string
 486 |                 {
 487 |                     return Directive::DOCUMENT_DOMAIN;
 488 |                 }
 489 | 
 490 |                 public function specificationName(): string
 491 |                 {
 492 |                     return 'HTML';
 493 |                 }
 494 | 
 495 |                 public function specificationUrl(): string
 496 |                 {
 497 |                     return 'https://html.spec.whatwg.org/multipage/infrastructure.html#policy-controlled-features';
 498 |                 }
 499 | 
 500 |                 public function browserSupport(): string
 501 |                 {
 502 |                     return 'Formerly in Chrome, behind a flag';
 503 |                 }
 504 | 
 505 |                 public function browserSupportUrl(): string
 506 |                 {
 507 |                     return '';
 508 |                 }
 509 | 
 510 |                 public function note(): string
 511 |                 {
 512 |                     return 'Directive is retired';
 513 |                 }
 514 | 
 515 |                 public function isDeprecated(): bool
 516 |                 {
 517 |                     return true;
 518 |                 }
 519 |             },
 520 |             Directive::ENCRYPTED_MEDIA => new class extends Directive {
 521 |                 public function name(): string
 522 |                 {
 523 |                     return Directive::ENCRYPTED_MEDIA;
 524 |                 }
 525 | 
 526 |                 public function specificationName(): string
 527 |                 {
 528 |                     return 'Encrypted Media Extensions';
 529 |                 }
 530 | 
 531 |                 public function specificationUrl(): string
 532 |                 {
 533 |                     return 'https://w3c.github.io/encrypted-media/#permissions-policy-integration';
 534 |                 }
 535 | 
 536 |                 public function browserSupport(): string
 537 |                 {
 538 |                     return 'Chrome 64';
 539 |                 }
 540 | 
 541 |                 public function browserSupportUrl(): string
 542 |                 {
 543 |                     return 'https://www.chromestatus.com/feature/5023919287304192';
 544 |                 }
 545 |             },
 546 |             Directive::EXECUTION_WHILE_NOT_RENDERED => new class extends Directive {
 547 |                 public function name(): string
 548 |                 {
 549 |                     return Directive::EXECUTION_WHILE_NOT_RENDERED;
 550 |                 }
 551 | 
 552 |                 public function specificationName(): string
 553 |                 {
 554 |                     return 'Page Lifecycle';
 555 |                 }
 556 | 
 557 |                 public function specificationUrl(): string
 558 |                 {
 559 |                     return 'https://wicg.github.io/page-lifecycle/#feature-policies';
 560 |                 }
 561 | 
 562 |                 public function browserSupport(): string
 563 |                 {
 564 |                     return 'Behind a flag in Chrome';
 565 |                 }
 566 | 
 567 |                 public function browserSupportUrl(): string
 568 |                 {
 569 |                     return '';
 570 |                 }
 571 | 
 572 |                 public function note(): string
 573 |                 {
 574 |                     return 'To enable these, use the Chrome command line flag --enable-blink-features=ExperimentalProductivityFeatures.';
 575 |                 }
 576 |             },
 577 |             Directive::EXECUTION_WHILE_OUT_OF_VIEWPORT => new class extends Directive {
 578 |                 public function name(): string
 579 |                 {
 580 |                     return Directive::EXECUTION_WHILE_OUT_OF_VIEWPORT;
 581 |                 }
 582 | 
 583 |                 public function specificationName(): string
 584 |                 {
 585 |                     return 'Page Lifecycle';
 586 |                 }
 587 | 
 588 |                 public function specificationUrl(): string
 589 |                 {
 590 |                     return 'https://wicg.github.io/page-lifecycle/#feature-policies';
 591 |                 }
 592 | 
 593 |                 public function browserSupport(): string
 594 |                 {
 595 |                     return 'Behind a flag in Chrome';
 596 |                 }
 597 | 
 598 |                 public function browserSupportUrl(): string
 599 |                 {
 600 |                     return '';
 601 |                 }
 602 | 
 603 |                 public function note(): string
 604 |                 {
 605 |                     return 'To enable these, use the Chrome command line flag --enable-blink-features=ExperimentalProductivityFeatures.';
 606 |                 }
 607 |             },
 608 |             Directive::FLOC => (new class extends Directive {
 609 |                 public function name(): string
 610 |                 {
 611 |                     return Directive::FLOC;
 612 |                 }
 613 | 
 614 |                 public function specificationName(): string
 615 |                 {
 616 |                     return 'Federated Learning of Cohorts';
 617 |                 }
 618 | 
 619 |                 public function specificationUrl(): string
 620 |                 {
 621 |                     return 'https://github.com/WICG/floc';
 622 |                 }
 623 | 
 624 |                 public function browserSupport(): string
 625 |                 {
 626 |                     return 'Chrome 90';
 627 |                 }
 628 | 
 629 |                 public function browserSupportUrl(): string
 630 |                 {
 631 |                     return '';
 632 |                 }
 633 |             })->addRule(Value::NONE),
 634 |             Directive::FULLSCREEN => new class extends Directive {
 635 |                 public function name(): string
 636 |                 {
 637 |                     return Directive::FULLSCREEN;
 638 |                 }
 639 | 
 640 |                 public function specificationName(): string
 641 |                 {
 642 |                     return 'Fullscreen API';
 643 |                 }
 644 | 
 645 |                 public function specificationUrl(): string
 646 |                 {
 647 |                     return 'https://fullscreen.spec.whatwg.org/#permissions-policy-integration';
 648 |                 }
 649 | 
 650 |                 public function browserSupport(): string
 651 |                 {
 652 |                     return 'Chrome 62';
 653 |                 }
 654 | 
 655 |                 public function browserSupportUrl(): string
 656 |                 {
 657 |                     return 'https://www.chromestatus.com/feature/5094837900541952';
 658 |                 }
 659 |             },
 660 |             Directive::GEOLOCATION => new class extends Directive {
 661 |                 public function name(): string
 662 |                 {
 663 |                     return Directive::GEOLOCATION;
 664 |                 }
 665 | 
 666 |                 public function specificationName(): string
 667 |                 {
 668 |                     return 'Geolocation API';
 669 |                 }
 670 | 
 671 |                 public function specificationUrl(): string
 672 |                 {
 673 |                     return 'https://w3c.github.io/geolocation-api/#permissions-policy';
 674 |                 }
 675 | 
 676 |                 public function browserSupport(): string
 677 |                 {
 678 |                     return 'Chrome 64';
 679 |                 }
 680 | 
 681 |                 public function browserSupportUrl(): string
 682 |                 {
 683 |                     return 'https://www.chromestatus.com/feature/5023919287304192';
 684 |                 }
 685 |             },
 686 |             Directive::GYROSCOPE => new class extends Directive {
 687 |                 public function name(): string
 688 |                 {
 689 |                     return Directive::GYROSCOPE;
 690 |                 }
 691 | 
 692 |                 public function specificationName(): string
 693 |                 {
 694 |                     return 'Generic Sensor API';
 695 |                 }
 696 | 
 697 |                 public function specificationUrl(): string
 698 |                 {
 699 |                     return 'https://www.w3.org/TR/generic-sensor/#feature-policy';
 700 |                 }
 701 | 
 702 |                 public function browserSupport(): string
 703 |                 {
 704 |                     return 'Chrome 66';
 705 |                 }
 706 | 
 707 |                 public function browserSupportUrl(): string
 708 |                 {
 709 |                     return 'https://www.chromestatus.com/feature/5758486868656128';
 710 |                 }
 711 |             },
 712 |             Directive::HID => new class extends Directive {
 713 |                 public function name(): string
 714 |                 {
 715 |                     return Directive::HID;
 716 |                 }
 717 | 
 718 |                 public function specificationName(): string
 719 |                 {
 720 |                     return '';
 721 |                 }
 722 | 
 723 |                 public function specificationUrl(): string
 724 |                 {
 725 |                     return '';
 726 |                 }
 727 | 
 728 |                 public function browserSupport(): string
 729 |                 {
 730 |                     return '';
 731 |                 }
 732 | 
 733 |                 public function browserSupportUrl(): string
 734 |                 {
 735 |                     return '';
 736 |                 }
 737 |             },
 738 |             Directive::IDLE_DETECTION => new class extends Directive {
 739 |                 public function name(): string
 740 |                 {
 741 |                     return Directive::IDLE_DETECTION;
 742 |                 }
 743 | 
 744 |                 public function specificationName(): string
 745 |                 {
 746 |                     return 'Idle Detection API';
 747 |                 }
 748 | 
 749 |                 public function specificationUrl(): string
 750 |                 {
 751 |                     return 'https://wicg.github.io/idle-detection/#api-permissions-policy';
 752 |                 }
 753 | 
 754 |                 public function browserSupport(): string
 755 |                 {
 756 |                     return 'Chrome 94';
 757 |                 }
 758 | 
 759 |                 public function browserSupportUrl(): string
 760 |                 {
 761 |                     return 'https://chromestatus.com/feature/4590256452009984';
 762 |                 }
 763 |             },
 764 |             Directive::KEYBOARD_MAP => new class extends Directive {
 765 |                 public function name(): string
 766 |                 {
 767 |                     return Directive::KEYBOARD_MAP;
 768 |                 }
 769 | 
 770 |                 public function specificationName(): string
 771 |                 {
 772 |                     return 'Keyboard API';
 773 |                 }
 774 | 
 775 |                 public function specificationUrl(): string
 776 |                 {
 777 |                     return 'https://wicg.github.io/keyboard-map/#permissions-policy';
 778 |                 }
 779 | 
 780 |                 public function browserSupport(): string
 781 |                 {
 782 |                     return 'Chrome 97';
 783 |                 }
 784 | 
 785 |                 public function browserSupportUrl(): string
 786 |                 {
 787 |                     return 'https://www.chromestatus.com/feature/5657965899022336';
 788 |                 }
 789 |             },
 790 |             Directive::MAGNETOMETER => new class extends Directive {
 791 |                 public function name(): string
 792 |                 {
 793 |                     return Directive::MAGNETOMETER;
 794 |                 }
 795 | 
 796 |                 public function specificationName(): string
 797 |                 {
 798 |                     return 'Generic Sensor API';
 799 |                 }
 800 | 
 801 |                 public function specificationUrl(): string
 802 |                 {
 803 |                     return 'https://www.w3.org/TR/generic-sensor/#feature-policy';
 804 |                 }
 805 | 
 806 |                 public function browserSupport(): string
 807 |                 {
 808 |                     return 'Chrome 66';
 809 |                 }
 810 | 
 811 |                 public function browserSupportUrl(): string
 812 |                 {
 813 |                     return 'https://www.chromestatus.com/feature/5758486868656128';
 814 |                 }
 815 |             },
 816 |             Directive::MICROPHONE => new class extends Directive {
 817 |                 public function name(): string
 818 |                 {
 819 |                     return Directive::MICROPHONE;
 820 |                 }
 821 | 
 822 |                 public function specificationName(): string
 823 |                 {
 824 |                     return 'Media Capture';
 825 |                 }
 826 | 
 827 |                 public function specificationUrl(): string
 828 |                 {
 829 |                     return 'https://w3c.github.io/mediacapture-main/#permissions-policy-integration';
 830 |                 }
 831 | 
 832 |                 public function browserSupport(): string
 833 |                 {
 834 |                     return 'Chrome 64';
 835 |                 }
 836 | 
 837 |                 public function browserSupportUrl(): string
 838 |                 {
 839 |                     return 'https://www.chromestatus.com/feature/5023919287304192';
 840 |                 }
 841 |             },
 842 |             Directive::MIDI => new class extends Directive {
 843 |                 public function name(): string
 844 |                 {
 845 |                     return Directive::MIDI;
 846 |                 }
 847 | 
 848 |                 public function specificationName(): string
 849 |                 {
 850 |                     return 'Web MIDI';
 851 |                 }
 852 | 
 853 |                 public function specificationUrl(): string
 854 |                 {
 855 |                     return 'https://webaudio.github.io/web-midi-api/#permissions-policy-integration';
 856 |                 }
 857 | 
 858 |                 public function browserSupport(): string
 859 |                 {
 860 |                     return 'Chrome 64';
 861 |                 }
 862 | 
 863 |                 public function browserSupportUrl(): string
 864 |                 {
 865 |                     return 'https://www.chromestatus.com/feature/5023919287304192';
 866 |                 }
 867 |             },
 868 |             Directive::NAVIGATION_OVERRIDE => new class extends Directive {
 869 |                 public function name(): string
 870 |                 {
 871 |                     return Directive::NAVIGATION_OVERRIDE;
 872 |                 }
 873 | 
 874 |                 public function specificationName(): string
 875 |                 {
 876 |                     return 'CSS Spatial Navigation';
 877 |                 }
 878 | 
 879 |                 public function specificationUrl(): string
 880 |                 {
 881 |                     return 'https://drafts.csswg.org/css-nav-1/#policy-feature';
 882 |                 }
 883 | 
 884 |                 public function browserSupport(): string
 885 |                 {
 886 |                     return '';
 887 |                 }
 888 | 
 889 |                 public function browserSupportUrl(): string
 890 |                 {
 891 |                     return '';
 892 |                 }
 893 |             },
 894 |             Directive::PAYMENT => new class extends Directive {
 895 |                 public function name(): string
 896 |                 {
 897 |                     return Directive::PAYMENT;
 898 |                 }
 899 | 
 900 |                 public function specificationName(): string
 901 |                 {
 902 |                     return 'Payment Request API';
 903 |                 }
 904 | 
 905 |                 public function specificationUrl(): string
 906 |                 {
 907 |                     return 'https://www.w3.org/TR/payment-request/#permissions-policy';
 908 |                 }
 909 | 
 910 |                 public function browserSupport(): string
 911 |                 {
 912 |                     return 'Chrome 60';
 913 |                 }
 914 | 
 915 |                 public function browserSupportUrl(): string
 916 |                 {
 917 |                     return '';
 918 |                 }
 919 |             },
 920 |             Directive::PICTURE_IN_PICTURE => new class extends Directive {
 921 |                 public function name(): string
 922 |                 {
 923 |                     return Directive::PICTURE_IN_PICTURE;
 924 |                 }
 925 | 
 926 |                 public function specificationName(): string
 927 |                 {
 928 |                     return 'Picture-in-Picture';
 929 |                 }
 930 | 
 931 |                 public function specificationUrl(): string
 932 |                 {
 933 |                     return 'https://wicg.github.io/picture-in-picture/#feature-policy';
 934 |                 }
 935 | 
 936 |                 public function browserSupport(): string
 937 |                 {
 938 |                     return 'Chrome';
 939 |                 }
 940 | 
 941 |                 public function browserSupportUrl(): string
 942 |                 {
 943 |                     return '';
 944 |                 }
 945 | 
 946 |                 public function note(): string
 947 |                 {
 948 |                     return 'Shipped in Chrome';
 949 |                 }
 950 |             },
 951 |             Directive::PUBLICKEY_CREDENTIALS_GET => new class extends Directive {
 952 |                 public function name(): string
 953 |                 {
 954 |                     return Directive::PUBLICKEY_CREDENTIALS_GET;
 955 |                 }
 956 | 
 957 |                 public function specificationName(): string
 958 |                 {
 959 |                     return 'Web Authentication API';
 960 |                 }
 961 | 
 962 |                 public function specificationUrl(): string
 963 |                 {
 964 |                     return 'https://w3c.github.io/webauthn/#sctn-permissions-policy';
 965 |                 }
 966 | 
 967 |                 public function browserSupport(): string
 968 |                 {
 969 |                     return 'Chrome 84';
 970 |                 }
 971 | 
 972 |                 public function browserSupportUrl(): string
 973 |                 {
 974 |                     return 'https://bugs.chromium.org/p/chromium/issues/detail?id=993007';
 975 |                 }
 976 |             },
 977 |             Directive::SCREEN_WAKE_LOCK => new class extends Directive {
 978 |                 public function name(): string
 979 |                 {
 980 |                     return Directive::SCREEN_WAKE_LOCK;
 981 |                 }
 982 | 
 983 |                 public function specificationName(): string
 984 |                 {
 985 |                     return 'Wake Lock API';
 986 |                 }
 987 | 
 988 |                 public function specificationUrl(): string
 989 |                 {
 990 |                     return 'https://w3c.github.io/screen-wake-lock/#policy-control';
 991 |                 }
 992 | 
 993 |                 public function browserSupport(): string
 994 |                 {
 995 |                     return 'Chrome 84';
 996 |                 }
 997 | 
 998 |                 public function browserSupportUrl(): string
 999 |                 {
1000 |                     return 'https://www.chromestatus.com/feature/4636879949398016';
1001 |                 }
1002 |             },
1003 |             Directive::SERIAL => new class extends Directive {
1004 |                 public function name(): string
1005 |                 {
1006 |                     return Directive::SERIAL;
1007 |                 }
1008 | 
1009 |                 public function specificationName(): string
1010 |                 {
1011 |                     return 'Web Serial API';
1012 |                 }
1013 | 
1014 |                 public function specificationUrl(): string
1015 |                 {
1016 |                     return 'https://wicg.github.io/serial/#permissions-policy';
1017 |                 }
1018 | 
1019 |                 public function browserSupport(): string
1020 |                 {
1021 |                     return 'Chrome 89';
1022 |                 }
1023 | 
1024 |                 public function browserSupportUrl(): string
1025 |                 {
1026 |                     return '';
1027 |                 }
1028 |             },
1029 |             Directive::SPEAKER => new class extends Directive {
1030 |                 public function name(): string
1031 |                 {
1032 |                     return Directive::SPEAKER;
1033 |                 }
1034 | 
1035 |                 public function specificationName(): string
1036 |                 {
1037 |                     return '';
1038 |                 }
1039 | 
1040 |                 public function specificationUrl(): string
1041 |                 {
1042 |                     return '';
1043 |                 }
1044 | 
1045 |                 public function browserSupport(): string
1046 |                 {
1047 |                     return '';
1048 |                 }
1049 | 
1050 |                 public function browserSupportUrl(): string
1051 |                 {
1052 |                     return '';
1053 |                 }
1054 | 
1055 |                 public function note(): string
1056 |                 {
1057 |                     return 'Unknown directive';
1058 |                 }
1059 | 
1060 |                 public function isDeprecated(): bool
1061 |                 {
1062 |                     return true;
1063 |                 }
1064 |             },
1065 |             Directive::SYNC_XHR => new class extends Directive {
1066 |                 public function name(): string
1067 |                 {
1068 |                     return Directive::SYNC_XHR;
1069 |                 }
1070 | 
1071 |                 public function specificationName(): string
1072 |                 {
1073 |                     return 'XMLHttpRequest';
1074 |                 }
1075 | 
1076 |                 public function specificationUrl(): string
1077 |                 {
1078 |                     return 'https://xhr.spec.whatwg.org/#feature-policy-integration';
1079 |                 }
1080 | 
1081 |                 public function browserSupport(): string
1082 |                 {
1083 |                     return 'Chrome 65';
1084 |                 }
1085 | 
1086 |                 public function browserSupportUrl(): string
1087 |                 {
1088 |                     return 'https://www.chromestatus.com/feature/5154875084111872';
1089 |                 }
1090 |             },
1091 |             Directive::USB => new class extends Directive {
1092 |                 public function name(): string
1093 |                 {
1094 |                     return Directive::USB;
1095 |                 }
1096 | 
1097 |                 public function specificationName(): string
1098 |                 {
1099 |                     return 'WebUSB';
1100 |                 }
1101 | 
1102 |                 public function specificationUrl(): string
1103 |                 {
1104 |                     return 'https://wicg.github.io/webusb/#permissions-policy';
1105 |                 }
1106 | 
1107 |                 public function browserSupport(): string
1108 |                 {
1109 |                     return 'Chrome 60';
1110 |                 }
1111 | 
1112 |                 public function browserSupportUrl(): string
1113 |                 {
1114 |                     return '';
1115 |                 }
1116 |             },
1117 |             Directive::WAKE_LOCK => new class extends Directive {
1118 |                 public function name(): string
1119 |                 {
1120 |                     return Directive::WAKE_LOCK;
1121 |                 }
1122 | 
1123 |                 public function specificationName(): string
1124 |                 {
1125 |                     return '';
1126 |                 }
1127 | 
1128 |                 public function specificationUrl(): string
1129 |                 {
1130 |                     return '';
1131 |                 }
1132 | 
1133 |                 public function browserSupport(): string
1134 |                 {
1135 |                     return '';
1136 |                 }
1137 | 
1138 |                 public function browserSupportUrl(): string
1139 |                 {
1140 |                     return '';
1141 |                 }
1142 | 
1143 |                 public function note(): string
1144 |                 {
1145 |                     return "Probably known as 'screen-wake-rock'";
1146 |                 }
1147 | 
1148 |                 public function isDeprecated(): bool
1149 |                 {
1150 |                     return true;
1151 |                 }
1152 |             },
1153 |             Directive::WEB_SHARE => new class extends Directive {
1154 |                 public function name(): string
1155 |                 {
1156 |                     return Directive::WEB_SHARE;
1157 |                 }
1158 | 
1159 |                 public function specificationName(): string
1160 |                 {
1161 |                     return 'Web Share API';
1162 |                 }
1163 | 
1164 |                 public function specificationUrl(): string
1165 |                 {
1166 |                     return 'https://w3c.github.io/web-share/#permissions-policy';
1167 |                 }
1168 | 
1169 |                 public function browserSupport(): string
1170 |                 {
1171 |                     return 'Chrome 86';
1172 |                 }
1173 | 
1174 |                 public function browserSupportUrl(): string
1175 |                 {
1176 |                     return '';
1177 |                 }
1178 |             },
1179 |             Directive::XR_SPATIAL_TRACKING, Directive::XR, Directive::VR => new class extends Directive {
1180 |                 public function name(): string
1181 |                 {
1182 |                     return Directive::XR_SPATIAL_TRACKING;
1183 |                 }
1184 | 
1185 |                 public function specificationName(): string
1186 |                 {
1187 |                     return 'WebXR Device API';
1188 |                 }
1189 | 
1190 |                 public function specificationUrl(): string
1191 |                 {
1192 |                     return 'https://immersive-web.github.io/webxr/#permissions-policy';
1193 |                 }
1194 | 
1195 |                 public function browserSupport(): string
1196 |                 {
1197 |                     return 'Available as a Chrome Origin Trial';
1198 |                 }
1199 | 
1200 |                 public function browserSupportUrl(): string
1201 |                 {
1202 |                     return 'https://developers.chrome.com/origintrials/#/trials/active';
1203 |                 }
1204 | 
1205 |                 public function note(): string
1206 |                 {
1207 |                     return 'Implemented in Chrome as vr prior to Chrome 79.';
1208 |                 }
1209 |             },
1210 |             default => throw new UnsupportedPermissionException($directive),
1211 |         };
1212 |     }
1213 | }
1214 | 


--------------------------------------------------------------------------------