Update WebKit Feature Status page to include the status of Content Security Policy...
authordbates@webkit.org <dbates@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 16 Mar 2016 20:58:29 +0000 (20:58 +0000)
committerdbates@webkit.org <dbates@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 16 Mar 2016 20:58:29 +0000 (20:58 +0000)
* features.json:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198301 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebCore/ChangeLog
Source/WebCore/features.json

index b3b28ed6f20d067e20996a0f49ae28f4871cd62e..c34b8ab9621f8d71eaa2d4692d9be89f8c3cd77f 100644 (file)
@@ -1,3 +1,9 @@
+2016-03-16  Daniel Bates  <dabates@apple.com>
+
+        Update WebKit Feature Status page to include the status of Content Security Policy Level 2 and Level 3
+
+        * features.json:
+
 2016-03-16  Daniel Bates  <dabates@apple.com>
 
         <video> and <audio> elements do not obey Content Security Policy on redirect
index 8545aabc12eff2a07143fcd74c6b7a5e96617ad8..2f6d593277b4088fd46cab2ae62290083085d3df 100644 (file)
             "twitter": "@smfr"
         }
     },
+    {
+        "name": "Content Security Policy Level 2",
+        "status": {
+            "status": "Done",
+            "enabled-by-default": true
+        },
+        "url": "https://w3c.github.io/webappsec-csp/2/",
+        "keywords": ["csp", "cross-site scripting", "xss", "injection", "header"],
+        "category": "webapps",
+        "description": "A mechanism that web applications can use to mitigate content injection vulnerabilities, such as cross-site scripting (XSS). Developers can declare a CSP policy to prohibit their web application from loading content or executing scripts that have not been whitelisted among other capabilities.",
+        "contact": {
+            "name": "Daniel Bates",
+            "email": "dbates@webkit.org"
+        }
+    },
+    {
+        "name": "Content Security Policy Level 3",
+        "status": {
+            "status": "Partial Support",
+            "enabled-by-default": true
+        },
+        "url": "https://w3c.github.io/webappsec-csp/",
+        "keywords": ["csp", "cross-site scripting", "xss", "injection", "header"],
+        "category": "webapps",
+        "contact": {
+            "name": "Daniel Bates",
+            "email": "dbates@webkit.org"
+        }
+    },
     {
         "name": "DOM",
         "url": "https://dom.spec.whatwg.org",