• If the result of running the May Document use powerful features? algorithm [MIXED-CONTENT] on document is not Allowed, run the following steps:
• If the result of running the Is non-privleged context allowed? algorithm is Allowed, skip the next step.

NOTEThis step is DEPRECATED. It is expected that this requirement will be made mandatory during Candidate Recommendation (CR). Authors are advised that implementations may remove it before then.

• Reject promise with a new DOMException whose name is NotSupportedError.

NOTE Requiring secure origins is not a replacement for other security- and privacy-related requirements and recommendations. Implementations must meet all related requirements and should follow related recommendations such that the risks on an insecure origin would be similar.

3.1.2.3 Is non-privleged context allowed? - DEPRECATED

This algorithm is DEPRECATED. When removed, callers will behave as if it returned Not Allowed.

Implementations should return Not Allowed. Implementations may return Allowed.

​

​