I would like to add a geolocation feature to my Forge app, however it is not possible at the moment because of some security restrictions.
According to the documentation (https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policy/geolocation), using geolocation with an iframe element requires to add a
Feature-Policy header and include an
allow attribute on the iframe element.
Is it possible to allow this feature in Forge app sandboxed iframe?
About security… users are prompted for permission before using geolocation feature, it cannot be used without users approval, so I think it is not a security risk.