Safari内容安全策略支持 [英] Safari content security policy support

问题描述

我在哪里可以找到Safari浏览器支持哪些内容安全策略（CSP）功能？

Where can I find out what content security policy (CSP) features are supported by the Safari browser?

我仅收到有关Safari的错误报告，并且想要确认Safari是否支持我已有的策略。

I am getting error reports only for Safari and want to confirm whether or not Safari supports the policy I have in place.

我的策略：

base-uri; object-src; script-src https://*.example.com *.example.com 'nonce-LwhUCQNCuRTtk6dBXRpPjw==' 'strict-dynamic' 'unsafe-inline'; report-uri https://example.com/csp/report;",

推荐答案

现在看来我的答案已经过时了：

Looks like my answer is now out of date:

重要提示：此文档不再更新。有关Apple SDK的最新信息，请访问文档网站。

旧答案：

几个月后，我偶然发现了我的自己未解决的问题:(。

A few months later and I stumble upon my own unanswered question :(.

我发现，找出支持的最佳位置是Safari的发行说明。

The best place to find out what is supported, that I've found, is Safari's release notes.

FWIW Safari 10.0.0中添加了CSP 2.0支持

FWIW CSP 2.0 support was added in Safari 10.0.0

这篇关于Safari内容安全策略支持的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！