Content Security Policy Level 2
- RECMitigate cross-site scripting attacks by only allowing certain sources of script, style, and other resources. CSP 2 adds hash-source, nonce-source, and five new directives
Chrome
- ❌ 4 - 35: Not supported
- ◐ 36 - 38: Partial support
- ◐ 39: Partial support
- ✅ 40 - 130: Supported
- ✅ 131: Supported
- ✅ 132 - 134: Supported
Edge
- ❌ 12 - 14: Not supported
- ◐ 15 - 18: Partial support
- ✅ 79 - 130: Supported
- ✅ 131: Supported
Safari
- ❌ 3.1 - 9.1: Not supported
- ✅ 10 - 18.0: Supported
- ✅ 18.1: Supported
- ✅ 18.2 - TP: Supported
Firefox
- ❌ 2 - 30: Not supported
- ◐ 31 - 34: Partial support
- ◐ 35: Partial support
- ◐ 36 - 44: Partial support
- ✅ 45 - 132: Supported
- ✅ 133: Supported
- ✅ 134 - 136: Supported
Opera
- ❌ 9 - 22: Not supported
- ◐ 23 - 25: Partial support
- ◐ 26: Partial support
- ✅ 27 - 113: Supported
- ✅ 114: Supported
IE
- ❌ 5.5 - 10: Not supported
- ❌ 11: Not supported
Chrome for Android
- ✅ 131: Supported
Safari on iOS
- ❌ 3.2 - 9.3: Not supported
- ✅ 10 - 18.0: Supported
- ✅ 18.1: Supported
- ✅ 18.2: Supported
Samsung Internet
- ✅ 4 - 25: Supported
- ✅ 26: Supported
Opera Mini
- ❌ all: Not supported
Opera Mobile
- ❌ 10 - 12.1: Not supported
- ✅ 80: Supported
UC Browser for Android
- ✅ 15.5: Supported
Android Browser
- ❌ 2.1 - 4.4.4: Not supported
- ✅ 131: Supported
Firefox for Android
- ✅ 132: Supported
QQ Browser
- ✅ 14.9: Supported
Baidu Browser
- ✅ 13.52: Supported
KaiOS Browser
- ✅ 2.5: Supported
- ✅ 3: Supported