The directives allowand optionsare part of the original Mozilla content security policy definition. Chrome implements the current W3C standard , which introduced several changes from the original Mozilla offering.
allow default-src CSP.options 'unsafe-inline' 'unsafe-eval' ( ) script-src style-src.
Firefox, X-Content-Security-Policy. - WebKit (X-WebKit-CSP), .
, WebKit (Content-Security-Policy) , WebKit. , .:)