Standards
Standards

Understand the various specifications, their maturity levels on the web standards track, and their adoption.
Explore web standards
Groups
Groups

A variety of groups develop Web Standards, guidelines, or supporting materials.
About W3C groups
Get involved
Get involved

W3C works at the nexus of core technology, industry needs, and societal needs.
Find ways to get involved
Resources
Resources

Master Web fundamentals, use our developer tools, or contribute code.
Learn from W3C resources
News and events
News and events

Recent content across news, blogs, press releases, media; upcoming events.
Follow news and events
About
About

Understand our values and principles, learn our history, look into our policies, meet our people.
Find out more about us
Search
My account

W3C Invites Implementations of Content Security Policy Level 2

Author(s) and publish date

Published:: 18 February 2015

The Web Application Security Working Group has published a Candidate Recommendation of Content Security Policy Level 2. This specification updates Content Security Policy, fine-tuning the existing policy options, and introducing a number of new mechanisms that site authors can use to mitigate the risk of content injection and related attacks. Major differences from Content Security Policy Level 1 may be found in Section 1.1 of the document.

With this publication, we move the earlier edition off the Recommendation Track to a Note (Content Security Policy 1.0) and invite implementers to share their experience with CSP Level 2. Learn more about the Security Activity.

Related RSS feed

Subscribe to our news feed