Permissions-Policy: payment
{{HTTPSidebar}} {{SeeCompatTable}}
The HTTP {{HTTPHeader("Permissions-Policy")}} header field’s payment directive controls whether the current document is allowed to use the Payment Request API.
Specifically, where a defined policy blocks use of this feature, {{DOMxRef("PaymentRequest.PaymentRequest", "PaymentRequest()")}} constructor calls will throw a {{domxref("DOMException")}} of type SecurityError.
Syntax
Permissions-Policy: payment=<allowlist>;
<allowlist>- : A list of origins for which permission is granted to use the feature. See
Permissions-Policy> Syntax for more details.
- : A list of origins for which permission is granted to use the feature. See
Default policy
The default allowlist for payment is self.
Specifications
{{Specifications}}
Browser compatibility
{{Compat}}
See also
{{HTTPHeader("Permissions-Policy")}}header field- Permissions Policy