Update WebKit Feature Status page to include the status of Content Security Policy...
authordbates@webkit.org <dbates@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 16 Mar 2016 20:58:29 +0000 (20:58 +0000)
committerdbates@webkit.org <dbates@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 16 Mar 2016 20:58:29 +0000 (20:58 +0000)
* features.json:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198301 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebCore/ChangeLog
Source/WebCore/features.json

index b3b28ed..c34b8ab 100644 (file)
@@ -1,5 +1,11 @@
 2016-03-16  Daniel Bates  <dabates@apple.com>
 
+        Update WebKit Feature Status page to include the status of Content Security Policy Level 2 and Level 3
+
+        * features.json:
+
+2016-03-16  Daniel Bates  <dabates@apple.com>
+
         <video> and <audio> elements do not obey Content Security Policy on redirect
         https://bugs.webkit.org/show_bug.cgi?id=155509
         <rdar://problem/10234844>
index 8545aab..2f6d593 100644 (file)
         }
     },
     {
+        "name": "Content Security Policy Level 2",
+        "status": {
+            "status": "Done",
+            "enabled-by-default": true
+        },
+        "url": "https://w3c.github.io/webappsec-csp/2/",
+        "keywords": ["csp", "cross-site scripting", "xss", "injection", "header"],
+        "category": "webapps",
+        "description": "A mechanism that web applications can use to mitigate content injection vulnerabilities, such as cross-site scripting (XSS). Developers can declare a CSP policy to prohibit their web application from loading content or executing scripts that have not been whitelisted among other capabilities.",
+        "contact": {
+            "name": "Daniel Bates",
+            "email": "dbates@webkit.org"
+        }
+    },
+    {
+        "name": "Content Security Policy Level 3",
+        "status": {
+            "status": "Partial Support",
+            "enabled-by-default": true
+        },
+        "url": "https://w3c.github.io/webappsec-csp/",
+        "keywords": ["csp", "cross-site scripting", "xss", "injection", "header"],
+        "category": "webapps",
+        "contact": {
+            "name": "Daniel Bates",
+            "email": "dbates@webkit.org"
+        }
+    },
+    {
         "name": "DOM",
         "url": "https://dom.spec.whatwg.org",
         "keywords": ["dom", "dom4"],