Currently the Content Security Policy plugin-types directive is guarded by ENABLE(CSP_NEXT) and a runtime flag, both are disabled by default. This directive has been part of the Content Security Policy spec. since version 1.1 and other browsers, Google Chrome, have enabled it by default for some time. We should enable it by default.
<rdar://problem/24730322>
Created attachment 272070 [details] Patch
Comment on attachment 272070 [details] Patch r=me
Comment on attachment 272070 [details] Patch Clearing flags on attachment: 272070 Committed r197038: <http://trac.webkit.org/changeset/197038>
All reviewed patches have been landed. Closing bug.