search

paragonie / csp-builder

Build Content-Security-Policy headers from a JSON file (or build them programmatically)
https://paragonie.com/projects
MIT License
543 stars 40 forks source link

Add X-Content-Security-Policy and X-WebKit-CSP to sendCSPHeader() #1

Closed timoh6 closed 9 years ago

timoh6 commented 9 years ago

To gain a greater device support for the CSP (namely older IE, Safari and some mobile browsers), I suggest to add:

X-Content-Security-Policy

and

X-WebKit-CSP

headers in addition to Content-Security-Policy.

paragonie-scott commented 9 years ago

:+1: I'll add the patch tonight. Thanks for the suggestion.