Additional Security Headers

Optional Additional Security Headers

Permissions-Policy Header

• The permissions-policy can be configured in the security section, like the CSP (content security policy) header. This provides a way to allow and deny the use of browser features, such as camera and video autoplay permissions
  • Can be configured in settings->security
  • No configuration by default
  • Used to allow and deny the use of browser features

Referrer-Policy Header

• The referrer-policy can be configured within the email defaults screen, with the default being set to none, meaning that no referrer-policy is set, and the browser’s default policy is used. Options are used to determine how much referrer information should be included with request when contacts are visiting from other pages.
  • Can be configured in email defaults
  • Set to none as default
  • Controls how much referrer information should be included with requests

Steps to Enable

You don't need to do anything to enable this feature.

Key Resources

• Learn more about Permissions-Policy Headers

• Learn more about Referrer-Policy Headers