"The latest WebKit builds and Safari Technology Preview now support all of the features of the Content Security Policy Level 2 standard <https://w3c.github.io/webappsec-csp/2/>, including hashes for script and style elements."
- <script> and <style> hashes (browsers that support CSP , but do not support CSP hashes will refuse to load the script or style, unless you use the unsafe-inline keyword as well) - More restrictive wildcard * (this is a backwards incompatible change) https://webkit.org/blog/6830/a-refined-content-security-policy/
