问题
Where can I find out what content security policy (CSP) features are supported by the Safari browser?
I am getting error reports only for Safari and want to confirm whether or not Safari supports the policy I have in place.
My Policy:
base-uri; object-src; script-src https://*.example.com *.example.com 'nonce-LwhUCQNCuRTtk6dBXRpPjw==' 'strict-dynamic' 'unsafe-inline'; report-uri https://example.com/csp/report;",
回答1:
A few months later and I stumble upon my own unanswered question :(.
The best place to find out what is supported, that I've found, is Safari's release notes.
FWIW CSP 2.0 support was added in Safari 10.0.0
来源:https://stackoverflow.com/questions/44318505/safari-content-security-policy-support