Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support individual CSP rules #4751

Open
demee opened this issue Jan 30, 2019 · 4 comments
Open

Support individual CSP rules #4751

demee opened this issue Jan 30, 2019 · 4 comments

Comments

@demee
Copy link

demee commented Jan 30, 2019

I think it would be nice if I could look for the individual directive and see which browser they apply to. I.e. I could search for new Level 3 individual directive like script-src-elem.

Thank You.

@Malvoz
Copy link
Contributor

Malvoz commented Feb 4, 2019

+1

@Malvoz
Copy link
Contributor

Malvoz commented Feb 28, 2019

It'd be helpful if we could list which CSP directives were introduced after the initial level 3 specification was released.

Some new directives are:

script-src-attr, script-src-elem, style-src-attr, style-src-elem, prefetch-src, strict-dynamic, unsafe-hashes (renamed from unsafe-hashed-attributes, Chrome status: https://www.chromestatus.com/feature/5867082285580288):

Proposed directives: wasm-unsafe-eval (renamed from wasm-eval), webrtc-src and trusted-types (relates to: #4787).

@Malvoz
Copy link
Contributor

Malvoz commented Mar 22, 2019

For reference, here's other issues related to individual CSP directives support:

@GreenReaper
Copy link

GreenReaper commented Apr 4, 2022

wasm-unsafe-eval is supposedly in Chrome 97. It was also implemented in WebKit in February, but I can't see a Safari release tag that applies to the commit. It may be in iOS 15.4/Mac OS X 10.15.6, which have not yet been tagged, or a later release.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

4 participants