Feature-Policy / Permissions-Policy Issue with Nginx

  • Resolved youssefx

    (@youssefx)


    12 months ago

    When i turn on this option: *Feature-Policy / Permissions-Policy

    i got the error on my nginx web server

    what do you think the solution for this in Nginx web server?

    Best regards

    Youssef

Viewing 7 replies - 1 through 7 (of 7 total)
  • Plugin Contributor Marko Vasiljevic

    (@vmarko)

    Hello @youssefx

    Thank you for reaching out and I am happy to help!

    Can you please share the website URL and the error you are getting? Please check the Performance>Install tab and check if that matches the nginx.config file.
    Please also restart the nginx service and let me know if this helps!

    Thanks!

    Thread Starter youssefx

    (@youssefx)

    i didnt reload my nginx for not crashing my site but as you can see the nginx is failed and second image is for nginx.conf in document root of my site, the two directives causes the error the site name is showik.com

    https://ikkort.com/3umdf5u

    • This reply was modified 12 months ago by youssefx.
    Plugin Contributor Marko Vasiljevic

    (@vmarko)

    Hello @youssefx

    Thank you for your feedback.
    Most likely the issue is some security aspect on your nginx.conf or on the server.

    If this causes issues, you should keep the option disabled.

    Thanks!

    Thread Starter youssefx

    (@youssefx)

    Please consider these are apache directives causes the issue inside the nginx file.

    • This reply was modified 12 months ago by youssefx.
    andyacad

    (@andyacad)

    Hello @vmarko

    I’m having the same issue, so instead of creating new thread, I thought it’s best to comment on this thread.

    The error in nginx syntax indicates an unknown directive “Header” that has been included in the main nginx.conf configuration file.

    The unknown directive has been added to the W3TC nginx include file, also called nginx.conf.

    nginx: [emerg] unknown directive "Header" in /var/www/example.com/public_html/nginx.conf

    If you look at the image that @youssefx added above, it’s easy to identify the issues. The issue is not caused by “some security aspect” but rather W3TC.

    After you enable the Feature Policy / Permissions Policy, W3TC adds Header set and not add_header for this header: this is what W3TC adds to the W3TC nginx.conf file – the issue is clearly visible.

    add_header Referrer-Policy "strict-origin-when-cross-origin";

    Header set Feature-Policy "accelerometer 'none'"

    Header set Permissions-Policy "accelerometer=(none)"

    add_header Vary "Accept-Encoding"

    Header set is an Apache web server directive

    add_header is a nginx web server directive.

    W3TC is adding Apache directives to an nginx configuration file, which results in a nginx synax test failing.

    You need to add only add_header Permissions-Policy “followed by the created policy”;

    EXAMPLE:

    add_header Permissions-Policy "geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=self,payment=()";

    Feature policy needs to be removed entirely.

    I hope your dev’s can attend to this issue asap, as it’s means you are not able to implement a Permissions Policy on cached files.

    Regards

    Plugin Contributor Marko Vasiljevic

    (@vmarko)

    Hello @andyacad @youssefx

    Thank you for your feedback and for pointing this out.
    Somehow I’ve missed this.
    I’ve shared this with the team and I’ll get back to you once I have a fix.
    THanks!

    Plugin Contributor Marko Vasiljevic

    (@vmarko)

    This will be fixed in the upcoming release.

    https://github.com/BoldGrid/w3-total-cache/pull/779

    Thanks!

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Feature-Policy / Permissions-Policy Issue with Nginx’ is closed to new replies.

Tags