Content Security Policy 1.0

- CR

Mitigate cross-site scripting attacks by whitelisting allowed sources of script, style, and other resources.

IE

  1. 5.5 - 9
  2. 10
  3. 11

Edge

  1. 12 - 81
  2. 83

Firefox

  1. 2 - 3.6
  2. 4 - 22
  3. 23 - 75
  4. 76
  5. 77 - 78

Chrome

  1. 4 - 13
  2. 14 - 24
  3. 25 - 81
  4. 83
  5. 84 - 86

Safari

  1. 3.1 - 5
  2. 5.1
  3. 6 - 6.1
  4. 7 - 13
  5. 13.1
  6. TP

Opera

  1. 9 - 12.1
  2. 15 - 67
  3. 68

iOS Safari

  1. 3.2 - 4.3
  2. 5
  3. 6
  4. 7 - 13.3
  5. 13.4

Opera Mini

  1. all

Android Browser

  1. 2.1 - 4.3
  2. 4.4 - 4.4.4
  3. 81

Blackberry Browser

  1. 7
  2. 10

Opera Mobile

  1. 10 - 12.1
  2. 46

Chrome for Android

  1. 81

Firefox for Android

  1. 68

IE Mobile

  1. 10
  2. 11

UC Browser for Android

  1. 12.12

Samsung Internet

  1. 4 - 10.1
  2. 11.1

QQ Browser

  1. 10.4

Baidu Browser

  1. 7.12

KaiOS Browser

  1. 2.5

The standard HTTP header is Content-Security-Policy which is used unless otherwise noted.

Resources:
CSP Examples & Quick Reference
MDN Web Docs - Content Security Policy
HTML5Rocks article