Copy returns a shallow copy of the header.

ParseAccept parses Accept* headers.

ParseList parses a comma separated list of values.

ParseTime parses the header as time.

ParseValueAndParams parses a comma separated list of values with optional semicolon separated name-value pairs.

SetContentDisposition sets the Content-Disposition header.

SetCSP sets a Content-Security-Policy header.

Restrict what can be used in <base>.

Don't load any HTTP content when using https.

Web workers and nested contexts such as frames.

Script interfaces: Ajax, WebSocket, Fetch API, etc.

Fallback for the other directives.

Custom fonts.

Restrict targets for form submissions.

Valid parents for embedding with frames, <object>, etc.

<frame> and <iframe>.

Images (HTML and CSS), favicon.

Web app manifest.

<audio> and <video>.

<object>, <embed>, and <applet>.

Whitelist MIME types for <object>, <embed>, <applet>.

Reporting directives control the reporting process of CSP violations; see also the Content-Security-Policy-Report-Only header.

Enable sandbox for the page.

JavaScript.

Nothing matches.

Exact origin of the document.

Everything.

Inline <script>/<style>, onevent="", etc.

eval().

CSS.

Constants for DispositionArgs.

Constants for DispositionArgs.

AcceptSpec describes an Accept* header.

DispositionArgs are arguments for SetContentDisposition().

CSPArgs are arguments for SetCSP().