This is an experimental technology
Check the Browser compatibility table carefully before using this in production.

The csp property of the HTMLIFrameElement interface specifies the Content Security Policy that an embedded document must agree to enforce upon itself.


var csp = HTMLIFrameElement.csp
HTMLIFrameElement.csp = csp


A content security policy.


Specification Status Comment
Content Security Policy: Embedded Enforcement
The definition of 'csp' in that specification.
Working Draft Initial definition.

Browser Compatibility

Update compatibility data on GitHub
ChromeEdgeFirefoxInternet ExplorerOperaSafariAndroid webviewChrome for AndroidEdge MobileFirefox for AndroidOpera for AndroidSafari on iOSSamsung Internet
Chrome Full support 61Edge ? Firefox ? IE ? Opera Full support 48Safari ? WebView Android Full support 61Chrome Android Full support 61Edge Mobile ? Firefox Android ? Opera Android Full support 45Safari iOS ? Samsung Internet Android ?


Full support  
Full support
Compatibility unknown  
Compatibility unknown
Experimental. Expect behavior to change in the future.
Experimental. Expect behavior to change in the future.

Document Tags and Contributors

Contributors to this page: mdnwebdocs-bot, Malvoz, fscholz, jpmedley
Last updated by: mdnwebdocs-bot,