W3C Invites Implementations of Content Security Policy Level 2

The Web Application Security Working Group has published a Candidate Recommendation of Content Security Policy Level 2. This specification updates Content Security Policy, fine-tuning the existing policy options, and introducing a number of new mechanisms that site authors can use to mitigate the risk of content injection and related attacks. Major differences from Content Security Policy Level 1 may be found in Section 1.1 of the document.
With this publication, we move the earlier edition off the Recommendation Track to a Note (Content Security Policy 1.0) and invite implementers to share their experience with CSP Level 2. Learn more about the Security Activity.

Comments

Popular posts from this blog

SEO vs AEO vs GEO vs SXO vs AIO in 2026: The Complete Guide to Winning Search and AI Discovery

First Public Working Draft: Quantum-Resistant Cryptosuites v1.0 – W3C Takes a Major Step Toward a Post-Quantum Web

Open Task Forces to Discuss Web Schemas, Data Formats