Why is my camera not working on my website?

Check if a Permissions-Policy header is blocking the camera feature. Also verify the page is served over HTTPS — most browser APIs require a secure context.

How do I allow features in embedded iframes?

Use the allow attribute on the iframe element: . The parent page's Permissions-Policy must also allow these features.

Feature Policy Violations — Permissions-Policy Header Errors in Browsers

Warning4xx client error

Overview

Fix Permissions-Policy (formerly Feature-Policy) violations blocking camera, microphone, geolocation, and other browser APIs on your website.

Key Details

Permissions-Policy (formerly Feature-Policy) controls which browser features a page can use
Violations block access to APIs like camera, microphone, geolocation, payment, and fullscreen
Policies can be set via HTTP header or iframe allow attribute
Third-party iframes inherit the parent page's policy restrictions
Violations appear as errors in the browser console but do not trigger network errors

Common Causes

Permissions-Policy header blocking features your page legitimately needs
Embedding a third-party widget in an iframe without setting the allow attribute
CDN or security headers middleware adding overly restrictive default policies
Policy directive syntax errors causing the entire header to be ignored

Steps

1Check the browser console for 'Permissions policy violation' or 'Feature policy violation' messages
2Review your Permissions-Policy header: ensure needed features are listed as allowed for your origin
3For iframes, add the allow attribute: <iframe allow='camera; microphone; geolocation' src='...'>
4Set specific policies rather than blanket restrictions: Permissions-Policy: camera=(self), geolocation=(self)
5Test with Chrome DevTools > Application > Permissions Policy to see active policies and violations

More in 4xx Client Error

http-400-bad-requestHTTP 400 Bad Request — What It Means & How to Fix It

Error

http-401-unauthorizedHTTP 401 Unauthorized — What It Means & How to Fix It

Error

http-402-payment-requiredHTTP 402 Payment Required — What It Means & How to Fix It

Error

http-403-forbiddenHTTP 403 Forbidden — What It Means & How to Fix It

Error

http-404-not-foundHTTP 404 Not Found — What It Means & How to Fix It

Error

http-405-method-not-allowedHTTP 405 Method Not Allowed — What It Means & How to Fix It

Error

Frequently Asked Questions

Feature-Policy was renamed to Permissions-Policy with a new syntax. The old header used space-separated values (camera 'self'), the new header uses structured fields (camera=(self)).

Feature Policy Violations — Permissions-Policy Header Errors in Browsers

Overview

Key Details

Common Causes

Steps

Tags

More in 4xx Client Error

Frequently Asked Questions