Where can I find out what content security policy (CSP) features are supported by the Safari browser?
I am getting error reports only for Safari and want to confirm whether or not Safari supports the policy I have in place.
My Policy:
base-uri; object-src; script-src https://*.example.com *.example.com 'nonce-LwhUCQNCuRTtk6dBXRpPjw==' 'strict-dynamic' 'unsafe-inline'; report-uri https://example.com/csp/report;",
Looks like my answer is now out of date:
Important: This document is no longer being updated. For the latest information about Apple SDKs, visit the documentation website.
Old Answer:
A few months later and I stumble upon my own unanswered question :(.
The best place to find out what is supported, that I've found, is Safari's release notes.
FWIW CSP 2.0 support was added in Safari 10.0.0