embedding android AR without allow=”xr-spatial-tracking”

Hi,

We have variety of customers displaying our 3D models on their website using iframe hosted on our cloud. Recently we have found out, that Android AR works* inside iframe only if there is explicit allowance in iframe using such code:

<iframe src=”https://(address)” allow=”xr-spatial-tracking” frameborder=”0″ allowfullscreen></iframe>

*otherwise it is not detected, nor can be triggered manually (fails on requestSession in v3D). Furthermore, HTTPS is mandatory or also doesnt work.

Question:

a) can we anyhow avoid telling all our customers to change their code online?

b) if not, how exactly our iframe should look like? Is above sufficient or should we include something else (minding also future features)?

thank you very much for your support,

Petr from Precismo