Use standard CSP headers only

RESOLVED FIXED

Status

RESOLVED FIXED
5 years ago
5 years ago

People

(Reporter: jon, Assigned: jon)

Tracking

Details

(Assignee)

Description

5 years ago
Current versions of Chrome, Firefox, and Safari support the standard Content-Security-Policy header. We shouldn't be sending the deprecated X-Content-Security-Policy and X-Webkit-CSP headers.

Updated

5 years ago
Status: ASSIGNED → RESOLVED
Last Resolved: 5 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.