Web platform features explorer

Content Security Policy (CSP)

Content Security Policy (CSP) helps to mitigate certain security threats, including cross-site scripting (XSS) and clickjacking attacks. It consists of a set of directives from a website to a browser, which instruct the browser to restrict the things that the site is allowed to do.

Status

Baseline Widely Available (since 2019-02-02)

Browser support (view on caniuse.com)

  • Chrome 25 Released on 2013-02-21
  • Chrome Android 25 Released on 2013-02-27
  • Edge 14 Released on 2016-08-02
  • Firefox 23 Released on 2013-08-06
  • Firefox for Android 23 Released on 2013-08-06
  • Safari 7 Released on 2013-10-22
  • Safari on iOS 7 Released on 2013-09-18

Developer signals