Same-origin embedded content
<iframe src="fullscreen.html">
</iframe>
Feature policies can be used to control whether a frame is allowed to enter fullscreen mode. This page demonstrates how the policy can be set at the top-level page to allow frames from one origin and not another.
The first frame comes from the same origin as the top-level page, and will be allowed to enter fullscreen in a browser which supports feature policy.
The second and third frames are identical, but hosted on different origins. One will be allowed to enter fullscreen, and the other will not.
Finally, the last frame is hosted on an origin which is allowed to enter fullscreen, but it has its own policy header, which explicitly declines the fullscreen feature.
Feature-Policy: fullscreen 'self' http://a.featurepolicy.rocks
<iframe src="fullscreen.html">
</iframe>
<iframe src="http://a.featurepolicy.rocks/fullscreen.html">
</iframe>
<iframe src="http://a.featurepolicy.rocks/fullscreen.html">
</iframe>
<iframe src="http://b.featurepolicy.rocks/fullscreen.html"> allow="fullscreen"
</iframe>
<iframe src="http://b.featurepolicy.rocks/fullscreen.html">
</iframe>
<iframe src="http://a.featurepolicy.rocks/no-fullscreen.html">
</iframe>
<iframe src="no-fullscreen.html">
</iframe>