Content Security Policy (CSP)
Widely available since 2019-02-02
Content Security Policy (CSP) helps to mitigate certain security threats, including cross-site scripting (XSS) and clickjacking attacks. It consists of a set of directives from a website to a browser, which instruct the browser to restrict the things that the site is allowed to do.
Learning resources on MDN
No MDN documentation found. You can search for the feature on MDN. If you believe that MDN has no documentation about this feature, you can open an issue on MDN's GitHub repository.Browser support (view on caniuse.com)
- Chrome 25 Released on 2013-02-21
- Chrome Android 25 Released on 2013-02-27
- Edge 14 Released on 2016-08-02
- Firefox 23 Released on 2013-08-06
- Firefox for Android 23 Released on 2013-08-06
- Safari 7 Released on 2013-10-22
- Safari on iOS 7 Released on 2013-09-18
Surveys
- State of HTML 2023: features/all_features question
- State of HTML 2023: content/content_features question
Specifications
View web-platform-tests results for this feature - View the feature source file (dist) - Edit the feature - Report an issue about this feature