Modified: trunk/Source/WebCore/ChangeLog (198300 => 198301)
--- trunk/Source/WebCore/ChangeLog 2016-03-16 20:44:04 UTC (rev 198300)
+++ trunk/Source/WebCore/ChangeLog 2016-03-16 20:58:29 UTC (rev 198301)
@@ -1,5 +1,11 @@
2016-03-16 Daniel Bates <[email protected]>
+ Update WebKit Feature Status page to include the status of Content Security Policy Level 2 and Level 3
+
+ * features.json:
+
+2016-03-16 Daniel Bates <[email protected]>
+
<video> and <audio> elements do not obey Content Security Policy on redirect
https://bugs.webkit.org/show_bug.cgi?id=155509
<rdar://problem/10234844>
Modified: trunk/Source/WebCore/features.json (198300 => 198301)
--- trunk/Source/WebCore/features.json 2016-03-16 20:44:04 UTC (rev 198300)
+++ trunk/Source/WebCore/features.json 2016-03-16 20:58:29 UTC (rev 198301)
@@ -118,6 +118,35 @@
}
},
{
+ "name": "Content Security Policy Level 2",
+ "status": {
+ "status": "Done",
+ "enabled-by-default": true
+ },
+ "url": "https://w3c.github.io/webappsec-csp/2/",
+ "keywords": ["csp", "cross-site scripting", "xss", "injection", "header"],
+ "category": "webapps",
+ "description": "A mechanism that web applications can use to mitigate content injection vulnerabilities, such as cross-site scripting (XSS). Developers can declare a CSP policy to prohibit their web application from loading content or executing scripts that have not been whitelisted among other capabilities.",
+ "contact": {
+ "name": "Daniel Bates",
+ "email": "[email protected]"
+ }
+ },
+ {
+ "name": "Content Security Policy Level 3",
+ "status": {
+ "status": "Partial Support",
+ "enabled-by-default": true
+ },
+ "url": "https://w3c.github.io/webappsec-csp/",
+ "keywords": ["csp", "cross-site scripting", "xss", "injection", "header"],
+ "category": "webapps",
+ "contact": {
+ "name": "Daniel Bates",
+ "email": "[email protected]"
+ }
+ },
+ {
"name": "DOM",
"url": "https://dom.spec.whatwg.org",
"keywords": ["dom", "dom4"],
