web-feature: Content Security Policy (CSP)

baseline logo Widely available

Content Security Policy (CSP) helps to mitigate certain security threats, including cross-site scripting (XSS) and clickjacking attacks. It consists of a set of directives from a website to a browser, which instruct the browser to restrict the things that the site is allowed to do.

WKWebView

macOS

*

iOS

*

Android WebView

Android

*

WebView2

Windows

*

Chrome Browser

Android

25

Safari Browser

iOS

7

Notes

Support data provided by: BCD logo

Know something we don't?

Is any of the above data outdated? Or do you want to add a new WebView to the list? Heads on to GitHub and edit the data file!

Edit this page on GitHub Report an issue on GitHub

Not comfortable with GitHub? Send us an email.

Please help us keeping this data updated

This feature was last updated on November 10, 2025.