1. Web
  2. HTTP
  3. Reference
  4. Headers
  5. Permissions-Policy
  6. loopback-network
View on MDN

Permissions-Policy: loopback-network directive

Experimental: This is an experimental technology
Check the Browser compatibility table carefully before using this in production.

The HTTP Permissions-Policy header loopback-network directive controls whether the current document is allowed to make network requests to loopback addresses.

A loopback address is only accessible on the local host; its target will differ on every device. For example, 127.0.0.1, which is generally known as localhost.

Specifically, where a defined policy blocks use of this feature, requests to loopback addresses will always fail.

See Local Network Access for more details.

Syntax

http
Permissions-Policy: loopback-network=<allowlist>;
<allowlist>

A list of origins for which permission is granted to use the feature. See Permissions-Policy > Syntax for more details.

Default policy

The default allowlist for loopback-network is self.

Specifications

This feature does not appear to be defined in any specification.

Browser compatibility

See also

Help improve MDN

Learn how to contribute

This page was last modified on by MDN contributors.

View this page on GitHubReport a problem with this content