Permissions Policy

A Permissions Policy provides a mechanism for you to explicitly declare what functionality can and cannot be used on your website.

The monetization policy directive allows you to enable and disable the Web Monetization API within a document and within any of the document’s nested browsing contexts (iframes).

Syntax

Permissions-Policy: monetization=(allowlist)

Where (allowlist) is a list of origins permitted to use the Web Monetization API.

The default allowlist is self.

Permissions-Policy: monetization=(self)

Note

The allow attribute determines the container policy that will be used when the permissions policy for a Document in the iframe’s content navigable is initialized. Adding or removing the monetization attribute has no effect on an already-loaded Document.

Example

You want to allow Web Monetization on your website and in all nested browsing contexts (iframes) in the same origin.

You configure your web server to return the Permissions-Policy HTTP header on each of your pages.

Permissions-Policy: monetization=(self)

// ## Browser compatibility

	desktop						mobile
	Chrome	Edge	Firefox	Internet Explorer	Opera	Safari	WebView Android	Chrome Android	Firefox for Android	Opera Android	Safari on iOS	Samsung Internet	Puma Browser
monetization	Yes	Yes	Yes	No	Yes	No	No	No	No	No	No	No	Yes

Full Support

No Support

You'll need to use a Web Monetization Extension

Specifications

Specification
Web Monetization #permissions-policy