Add `Feature-Policy` headers to limit exposure
Add Feature-Policy
headers to limit exposure. As an example, we have no need for the geolocation
API so we can opt-out and protect users if some XSS happens.
See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policy
- disable
Edited by Eric Eastwood