Page history
5 October 2012
21 May 2010
21 April 2010
20 April 2010
13 March 2010
12 March 2010
→Activation and Enforcement
m+4
→Handling Parse Errors
m+6
→Violation Report Sample
m+2
→policy-uri
m+2
→Policy Language and Syntax
m+92
→Terminology
m+3
→Formal Policy Syntax
m−3
→Formal Policy Syntax
m+5
6 March 2010
28 December 2009
3 November 2009
→report-uri
m+13
→Restrictions on policy-uri and report-uri
m−9
→Restrictions on policy-uri and report-uri
m−11
23 October 2009
8 October 2009
→Port Wildcards
m→No data: URIs unless opted-in to via explicit policy
+144
→Restrictions on policy-uri and report-uri
+296
→options
+41
→Code will not be created from strings
+143
2 October 2009
30 September 2009
→Content Restrictions: clarified that CSP won't stop links
m+209
→User-Agent and Other Client-Side Considerations: no version beacon
−262
→Formal Policy Syntax
+552
28 September 2009
17 September 2009
16 September 2009
20 August 2009
19 August 2009
12 August 2009
10 August 2009
→Handling Parse Errors: handle options directive issues
+215
→Formal Policy Syntax: added "options" directive
+39
→script-src
m+22
→options
m+1
→Directives: added "options" directive
+599
5 August 2009
23 July 2009
→Activation and Enforcement
−168
→HTTP Header Placement
m−67
→Policy Refinements with a Multiply-Specified Header
m+1
→User-Agent and Other Client-Side Considerations: added info about a report-only mode
+818
→report-uri: restricting to public suffix plus one, explaining what to do when it doesn't match
+437
→Formal Policy Syntax: added xhr-src to syntax
+35