Content Security Policy 1.0

Mitigate cross-site scripting attacks by whitelisting allowed sources of script, style, and other resources.

IE Edge Firefox Chrome Safari Opera iOS Safari Opera Mini Android Browser Blackberry Browser Opera Mobile Chrome for Android Firefox for Android IE Mobile UC Browser for Android Samsung Internet QQ Browser Baidu Browser
49
56 9.3 4.4
14 52 57 10 10.0-10.2 4.4.3-4.4.4 4
11
See notes:
  • 1
15 53 58 10.1 44 10.3 all 56 10
See notes:
  • 2
37 57 52 11
See notes:
  • 1
11.4
See notes:
  • 2
5 1.2 7.12
54 59 TP 45
55 60 46
56 61

Notes

The standard HTTP header is Content-Security-Policy which is used unless otherwise noted.

Links