The encrypted-media policy controls whether encrypted media extensions are available in the document.

If disabled, the promise returned by requestMediaKeySystemAccess() must return a promise which rejects with a SecurityError DOMException object as its parameter.

How to apply this policy

Send the following HTTP header to control the encrypted-media policy, and disallow it on all origins:

Feature-Policy: encrypted-media 'none'

Affected use case example


if (!window.navigator.requestMediaKeySystemAccess) {
        throw new Error('Browser does not support EME');
      (async () => {
        const keysystems = ['com.widevine.alpha', 'com.microsoft.playready', 'com.youtube.playready', 'webkit-org.w3.clearkey', 'org.w3.clearkey', 'com.adobe.primetime', 'com.adobe.access', 'com.apple.fairplay'];
        for (const ks of keysystems) {
          try {
            const mksAccess = await navigator.requestMediaKeySystemAccess(ks, [{contentType: 'video/webm; codecs="vp9"'}]);
            return DemoUtils.reportDemoResult(true, {resultDetail: 'Got MediaKeySystemAccess for ' + ks});
          } catch(e) {
            if (e.code === 18) {
              return DemoUtils.reportDemoResult(false, {resultDetail: e.toString()});
        DemoUtils.reportDemoResult(true, {resultDetail: 'Successfully called requestMediaKeySystemAccess but could not find a supported KeySystem'});



Waiting for the demo to report a result...

Does it work?

Currently Firefox, and Chromium based browsers, such as Google Chrome, Samsung Internet, and Opera, are the only user-agents to support Feature Policy. The minimum version that correctly recognises the encrypted-media policy is:

Mozilla Firefox


Google Chrome


Microsoft Edge

Not supported

Apple Safari

Not supported