clipboard-write
Permissions-Policy Other

Overview

The clipboard-write directive controls writing data to the system clipboard via navigator.clipboard.write() and writeText(). It is less risky than reading and is usually allowed within a user gesture; its default allowlist is self.

Details

`clipboard-write=*` allows all origins, `clipboard-write=(self)` the document's own origin, `clipboard-write=()` blocks it entirely, and `clipboard-write=(self "https://app.example.com")` delegates to a named origin. An iframe needs `allow="clipboard-write"`. When the policy denies it, the Promise returned by navigator.clipboard.writeText() rejects with a NotAllowedError.

Browsers commonly require writes to be called within a user gesture (transient activation), such as clicking an explicit copy button; even a permissive policy may reject calls made outside a gesture. In the copy-to-clipboard buttons common to utility tools you must satisfy both this directive and the user-interaction requirement. It replaces the legacy Feature-Policy feature.

Syntax

Permissions-Policy: clipboard-write=(self)

Notes

Related directives