Hey folks!

This is important!! If you're at all interested in web security and feature detection, check this out and provide your feedback!
Following up on yesterday's discussion of +AngularJS's Content Security Policy implementation, it became clear that there's a need for programatic detection of a site's currently active policy. Frameworks should be able to inspect the policy to determine whether they can, for instance, use `eval()`. Based on the result, they can fork their implementation and avoid flooding the console or report URI with errors.

I sat down with +Paul Irish of Modernizr fame, +Eric Bidelman, and +Pete LePage to hammer out an initial strawman for discussion. I've jotted down our conclusions at https://mikewest.org/2012/05/content-security-policy-feature-detection for discussion.

+Igor Minar, how does this look to you?
Shared publicly