content_security_policy

Read More at MDN Docs

Safe to Use

content_security_policy is not safe to use.

It’s supported by 54% of global browsers.

Browsers

ChromeDec 11, 2008v1.0.0
26%100%
100% of Chrome users are running a supported version.
SafariSep 16, 2020v14.0.0
5%93%
There are no users of Safari running a supported version.
EdgeUnknownv1.0.0
5%100%
100% of Edge users are running a supported version.
FirefoxAug 2, 2016v48.0.0
3%100%
100% of Firefox users are running a supported version.

Version Breakdown

 
Agent
Support
Adoption
Chrome
Dec 11, 2008 v1.0.0
26%100%
100% of Chrome users are running a supported version.
Dec 11, 2008 – Latest
v1.0.0+
26%100%

Full Support

Until Chrome 110, the object-src directive was required with a secure source. From Chrome 111, the object-src directive is optional.

Edge
Unknown v1.0.0
5%100%
100% of Edge users are running a supported version.
Unknown
v1.0.0+
5%100%

Full Support

Until Edge 110, the object-src directive was required with a secure source. From Edge 111, the object-src directive is optional.

Firefox
Aug 2, 2016 v48.0.0
3%100%
100% of Firefox users are running a supported version.
Aug 2, 2016 – Latest
v48.0.0+
3%100%

Full Support

Firefox does not support 'http://127.0.0.1' or 'http://localhost' as script sources: they must be served over HTTPS.

Until Firefox 105, the object-src directive was required with a secure source. From Firefox 106, the object-src directive is optional.

Firefox for Android
Unsupported
Firefox for Android does not support this feature.

No Support

Opera
Unknown v1.0.0
1%100%
100% of Opera users are running a supported version.
Unknown
v1.0.0+
1%100%

Full Support

Until Opera 96, the object-src directive was required with a secure source. From Opera 97, the object-src directive is optional.

Safari
Sep 16, 2020 v14.0.0
5%93%
There are no users of Safari running a supported version.
Sep 16, 2020 – Latest
v14.0.0+
5%93%

Full Support

There is no requirement to include the object-src directive.

Safari on iOS
Sep 20, 2021 v15.0.0
15%93%
There are no users of Safari on iOS running a supported version.
Sep 20, 2021 – Latest
v15.0.0+
15%93%

Full Support

There is no requirement to include the object-src directive.

Contribute