Move XSTL to script-src in Content-Security-Policy Requested by abarth on #webkit.
This was discussed a while back on the public-web-security mailing list.
Created attachment 110889 [details] Patch
Comment on attachment 110889 [details] Patch OK.
Comment on attachment 110889 [details] Patch Clearing flags on attachment: 110889 Committed r97388: <http://trac.webkit.org/changeset/97388>
All reviewed patches have been landed. Closing bug.