I'm going to enable CSP Violation Events by default in Firefox 63. Bug 1432523.
I and ckerschb have done a good job to make our code compliant with the latest CSP3 spec and we pass (almost) all the related WPT tests. The only remaining bit is related to <iframe src="javascript:foo"/> (bug 1473630) but we decided to work on it as follow up. _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
