W3C

Last Call: User Interface Security Directives for Content Security Policy

The Web Application Security Working Group has published a Last Call Working Draft of User Interface Security Directives for Content Security Policy. This document defines directives for the Content Security Policy mechanism to declare a set of input protections for a web resource’s user interface, defines a non-normative set of heuristics for Web user agents to implement these input protections, and a reporting mechanism for when they are triggered. Comments are welcome through 18 June. Learn more about the Security Activity.