Answer a question

1° I need to implement the permissions-policy header in the .htacces file

2° I spent a whole day looking for the header on the internet, but yet, i found only explanations that i did not understand a 100% how to implement that.

3° The better explanation that i found about the header is in this article Permissions-Policy. i inserted this line of code in the .htacces file to make the magic happens, BUT i didn't get the Green Flag on the securityheaders

Permissions-Policy: fullscreen=(self "https://example.com" "https://another.example.com"), geolocation=*, camera=()

4° Please, i'll be extremely grateful for a help!

5° The image shows the result of the security headers scan

Answers

Since no one could directly give me a help, i found by myself the answer that works like a charm.

What is the Permissions Policy header

The Permission Policy header is a security header that controls which browser features can be used. Besides implementing these rules for your own content it can also prevent external iframes from using these browser features, making it a powerful header to secure your site.

This allows you to have fine-grained control over which browser functions your site can use. There are a lot of directives that can be controlled with the Permission Policy header. For an extensive overview of all directives see New Permissions-Policy Directives and Features

And the code inside the .htaccess file is:

<IfModule mod_headers.c>

Header always set Permissions-Policy "geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);"  

</IfModule>

This can help you to get your Permission-Policy Flag on Secury Header.