Bug 30081

Summary: Support Mozilla's CSP proposal
Product: WebKit Reporter: Peter Kasting <pkasting>
Component: PlatformAssignee: Nobody <webkit-unassigned>
Status: RESOLVED DUPLICATE    
Severity: Enhancement CC: abarth, ap, aroben, bugmail, bugzilla, ddkilzer, johnath, jwalden+bwo, mike, sam
Priority: P2 Keywords: InRadar
Version: 528+ (Nightly build)   
Hardware: PC   
OS: All   
URL: http://people.mozilla.org/~bsterne/content-security-policy/index.html

Description Peter Kasting 2009-10-05 10:13:34 PDT 
CSP, as described in the above URL, is a proposal to enhance site security by allowing web authors to restrict what sorts of capabilities a page has.

Implementing this would be a boon for web authors trying to reduce XSS and similar attacks.
Comment 1 Adam Barth 2009-10-05 10:20:49 PDT 
I talked to Sid via chat.  He said he'd thrilled if we implemented CSP.  It might be the right time to review the spec in detail and start a prototype implementation.
Comment 2 Alexey Proskuryakov 2010-03-31 16:33:54 PDT 
<rdar://problem/5992706>
Comment 3 Sam Weinig 2011-10-04 17:50:46 PDT 

*** This bug has been marked as a duplicate of bug 53572 ***