'unsafe-hashed-attributes' is a feature in CSP3 which allows developers to enable specific event handlers without needing to use the less safe 'unsafe-inline' keyword.
If 'unsafe-hashed-attributes' is present, inline event handlers are allowed to match against hashes specified by the 'script-src' directive (or its fallback if not present).
Link to “Intent to Implement” blink-dev discussion
I don't think there has been a I2I for this feature.
Is this feature supported on all six Blink platforms (Windows, Mac, Linux, Chrome OS, Android, and Android WebView)?
Interoperability and Compatibility
To my knowledge we are the first browser to implement this. There seem to be positive feelings towards this in the spec discussion.
Edge: No signals
Firefox: No signals
Safari: No signals
Web developers: Positive
Tests will be written as part of this. When they will exist they will reside in:
Entry on the feature dashboard
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to firstname.lastname@example.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CACnmqYifMnwELo0YrB6Z9ttw_DvE4KtE8h9pmX03Fvai8zkD3Q%40mail.gmail.com.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CABc02_Ku2Trn3qPMPCs3ZM%2BFVS0F2Awn%3Df5URizWS3f8k4a%3DJw%40mail.gmail.com.