From 74d0972f0c084164b80a64309a4ba4852c5b584c Mon Sep 17 00:00:00 2001
From: Mike Beerman <29874229+bearmannl@users.noreply.github.com>
Date: Sat, 4 Jan 2025 14:11:23 +0100
Subject: [PATCH 1/2] Update tkserv.cc

Updated to add Permissions-Policy header.
---
 tkserv.cc | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/tkserv.cc b/tkserv.cc
index a1e3cc5..c6ef5d8 100644
--- a/tkserv.cc
+++ b/tkserv.cc
@@ -1647,6 +1647,8 @@ int main(int argc, char** argv)
 
     res.set_header("Content-Security-Policy", "frame-ancestors 'none';");
 
+    res.set_header("Permissions-Policy", "accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials=(self), screen-wake-lock=(), serial=(), speaker=(), usb=(), web-share=(), xr-spatial-tracking=()");
+
     if(endsWith(req.path, ".js") || endsWith(req.path, ".css"))
       res.set_header("Cache-Control", "max-age=3600");
 

From 5658400de199d0fc5fb05e24beed95191b88038d Mon Sep 17 00:00:00 2001
From: Mike Beerman <29874229+bearmannl@users.noreply.github.com>
Date: Sat, 4 Jan 2025 17:50:36 +0100
Subject: [PATCH 2/2] Update tkserv.cc

Reductie in aantal permissions policies. Specifiek alles met enige relatie tot video/images.
---
 tkserv.cc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tkserv.cc b/tkserv.cc
index a4f1eac..a65c667 100644
--- a/tkserv.cc
+++ b/tkserv.cc
@@ -1648,7 +1648,7 @@ int main(int argc, char** argv)
 
     res.set_header("Content-Security-Policy", "frame-ancestors 'none';");
 
-    res.set_header("Permissions-Policy", "accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials=(self), screen-wake-lock=(), serial=(), speaker=(), usb=(), web-share=(), xr-spatial-tracking=()");
+    res.set_header("Permissions-Policy", "accelerometer=(), ambient-light-sensor=(), camera=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), publickey-credentials=(self), serial=(), usb=(), xr-spatial-tracking=()");
 
     if(endsWith(req.path, ".js") || endsWith(req.path, ".css"))
       res.set_header("Cache-Control", "max-age=3600");