Allows developers to selectively enable and disable use of Synchronous XMLHttpRequest requests through the feature policy HTTP header or the <iframe> "allow" attribute. The identifier for the feature in policies is "sync-xhr". By default, synchronous XHR is allowed in all frames. If developers wish to disable this on any page, they can include a header like: Feature-Policy: sync-xhr 'none' Or embed content in an frame with sync XHR disabled like: <iframe src="..." allow="sync-xhr 'none'">
Docs: https://xhr.spec.whatwg.org/ https://github.com/whatwg/xhr/pull/177 https://github.com/whatwg/xhr/issue/178
Samples: https://wpt.fyi/xhr/xmlhttprequest-sync-default-feature-policy.sub.html https://feature-policy-demos.appspot.com/sync-xhr.html?on