The following checklist provides as overview as to what should be concentrated when choosing /designing a Web Content Security Policy.
-Support for flexible policies that allow you to configure the product for your current and future needs.
-Ability to define different policies by user ,department and time.
-Ability to check content in uploads and downloads(bi-directional checking)
-Capability to dismantle all the file formats you would expect to see moved over the internet.
-Recursive decomposition to dismantle traffic to it's essence.
-Ability to allow or not HTTPS sessions.
-Content checking of browser FTP transfers.
-User authentication integrated with policy.
-Selective alerting or information of exceptions.
-Support of virus checking tools.
-Control of Active X and .exe downloads by exclusion or Authenticode.
-Control of JAVA applications,scripting,JTML and FTP.
-Control of offensive content uproductive surfing and cookies.
-Checking of web email.