diff --git a/index.html b/index.html
index e3d577799d..9d1ae22507 100644
--- a/index.html
+++ b/index.html
@@ -49,9 +49,9 @@
  *   - ::before styled for CSS-generated issue/example/figure numbers:
  *     -> Documents wishing to use this only need to add
  *        figcaption::before,
- *        .caption::before { content: "Figure "  counter(figure);  }
- *        .example::before { content: "Example " counter(example); }
- *        .issue::before   { content: "Issue "   counter(issue);   }
+ *        .caption::before { content: "Figure "  counter(figure) " ";  }
+ *        .example::before { content: "Example " counter(example) " "; }
+ *        .issue::before   { content: "Issue "   counter(issue) " ";   }
  *
  * Header Stuff (ignore, just don't conflict with these classes)
  *   - .head for the header
@@ -457,7 +457,7 @@
 		font-style: normal;
 	}
 	dt dfn code, code.idl {
-		font-size: inherit;
+		font-size: normal;
 	}
 	dfn var {
 		font-style: normal;
@@ -646,7 +646,7 @@
 		padding-right: 1em;
 		text-transform: uppercase;
 	}
-	/* Add .issue::before { content: "Issue " counter(issue); } for autogen numbers,
+	/* Add .issue::before { content: "Issue " counter(issue) " "; } for autogen numbers,
 	   or use class="marker" to mark up the issue number in source. */
 
 /** Example *******************************************************************/
@@ -664,7 +664,7 @@
 		min-width: 7.5em;
 		display: block;
 	}
-	/* Add .example::before { content: "Example " counter(example); } for autogen numbers,
+	/* Add .example::before { content: "Example " counter(example) " "; } for autogen numbers,
 	   or use class="marker" to mark up the example number in source. */
 
 /** Non-normative Note ********************************************************/
@@ -1421,7 +1421,7 @@
   <div class="head">
    <p data-fill-with="logo"><a class="logo" href="https://www.w3.org/"> <img alt="W3C" height="48" src="https://www.w3.org/StyleSheets/TR/2016/logos/W3C" width="72"> </a> </p>
    <h1>Content Security Policy Level 3</h1>
-   <h2 class="no-num no-toc no-ref heading settled" id="subtitle"><span class="content">Editor’s Draft, <time class="dt-updated" datetime="2016-08-17">17 August 2016</time></span></h2>
+   <h2 class="no-num no-toc no-ref heading settled" id="subtitle"><span class="content">Editor’s Draft, <time class="dt-updated" datetime="2016-08-18">18 August 2016</time></span></h2>
    <div data-fill-with="spec-metadata">
     <dl>
      <dt>This version:
@@ -2379,7 +2379,6 @@ <h3 class="heading settled" data-level="4.2" id="html-integration"><span class="
   navigate fetch</a> algorithm, and <a href="#should-block-navigation-response">§4.2.5 Should navigation response to navigation request of type from source
     in target be blocked by Content Security Policy?</a> is called during the <a data-link-type="dfn" href="https://html.spec.whatwg.org/multipage/browsers.html#process-a-navigate-response">process a navigate response</a> algorithm to
   apply directive’s navigation checks.</p>
-      <p class="issue" id="issue-10e3374e"><a class="self-link" href="#issue-10e3374e"></a> Upstream this to HTML. <a href="https://github.com/whatwg/html/issues/1230">&lt;https://github.com/whatwg/html/issues/1230></a></p>
       <p class="issue" id="issue-7b0f92da"><a class="self-link" href="#issue-7b0f92da"></a> W3C’s HTML is not based on Fetch, and does not
   have a <a data-link-type="dfn" href="https://html.spec.whatwg.org/multipage/browsers.html#process-a-navigate-response">process a navigate response</a> algorithm into which to hook. <a href="https://github.com/w3c/html/issues/548">&lt;https://github.com/w3c/html/issues/548></a></p>
     </ol>
@@ -2592,31 +2591,31 @@ <h2 class="heading settled" data-level="5" id="reporting"><span class="secno">5.
   report</dfn> may be generated and sent out to a reporting endpoint associated
   with the <a data-link-type="dfn" href="#policy" id="ref-for-policy-24">policy</a>.</p>
     <h3 class="heading settled" data-level="5.1" id="violation-events"><span class="secno">5.1. </span><span class="content"> Violation DOM Events </span><a class="self-link" href="#violation-events"></a></h3>
-<pre class="idl highlight def">[<a class="nv idl-code" data-link-type="constructor" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-securitypolicyviolationevent">Constructor</a>(<span class="kt">DOMString</span> <a class="nv idl-code" data-link-type="argument" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-securitypolicyviolationevent-type-eventinitdict-type">type</a>, <span class="kt">optional</span> <a class="n" data-link-type="idl-name" href="https://w3c.github.io/webappsec-csp/#dictdef-securitypolicyviolationeventinit">SecurityPolicyViolationEventInit</a> <a class="nv idl-code" data-link-type="argument" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-securitypolicyviolationevent-type-eventinitdict-eventinitdict">eventInitDict</a>)]
+<pre class="idl highlight def">[<dfn class="nv idl-code" data-dfn-for="SecurityPolicyViolationEvent" data-dfn-type="constructor" data-export="" data-lt="SecurityPolicyViolationEvent(type, eventInitDict)|SecurityPolicyViolationEvent(type)" id="dom-securitypolicyviolationevent-securitypolicyviolationevent">Constructor<a class="self-link" href="#dom-securitypolicyviolationevent-securitypolicyviolationevent"></a></dfn>(<span class="kt">DOMString</span> <dfn class="nv idl-code" data-dfn-for="SecurityPolicyViolationEvent/SecurityPolicyViolationEvent(type, eventInitDict)" data-dfn-type="argument" data-export="" id="dom-securitypolicyviolationevent-securitypolicyviolationevent-type-eventinitdict-type">type<a class="self-link" href="#dom-securitypolicyviolationevent-securitypolicyviolationevent-type-eventinitdict-type"></a></dfn>, <span class="kt">optional</span> <a class="n" data-link-type="idl-name" href="#dictdef-securitypolicyviolationeventinit" id="ref-for-dictdef-securitypolicyviolationeventinit-1">SecurityPolicyViolationEventInit</a> <dfn class="nv idl-code" data-dfn-for="SecurityPolicyViolationEvent/SecurityPolicyViolationEvent(type, eventInitDict)" data-dfn-type="argument" data-export="" id="dom-securitypolicyviolationevent-securitypolicyviolationevent-type-eventinitdict-eventinitdict">eventInitDict<a class="self-link" href="#dom-securitypolicyviolationevent-securitypolicyviolationevent-type-eventinitdict-eventinitdict"></a></dfn>)]
 <span class="kt">interface</span> <dfn class="nv dfn-paneled idl-code" data-dfn-type="interface" data-export="" id="securitypolicyviolationevent">SecurityPolicyViolationEvent</dfn> : <a class="n" data-link-type="idl-name" href="https://dom.spec.whatwg.org/#event">Event</a> {
-    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">DOMString</span>      <a class="nv idl-code" data-link-type="attribute" data-readonly="" data-type="DOMString" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-documenturi">documentURI</a>;
-    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">DOMString</span>      <a class="nv idl-code" data-link-type="attribute" data-readonly="" data-type="DOMString" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-referrer">referrer</a>;
-    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">DOMString</span>      <a class="nv idl-code" data-link-type="attribute" data-readonly="" data-type="DOMString" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-blockeduri">blockedURI</a>;
-    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">DOMString</span>      <a class="nv idl-code" data-link-type="attribute" data-readonly="" data-type="DOMString" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-violateddirective">violatedDirective</a>;
-    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">DOMString</span>      <a class="nv idl-code" data-link-type="attribute" data-readonly="" data-type="DOMString" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-effectivedirective">effectiveDirective</a>;
-    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">DOMString</span>      <a class="nv idl-code" data-link-type="attribute" data-readonly="" data-type="DOMString" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-originalpolicy">originalPolicy</a>;
-    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">DOMString</span>      <a class="nv idl-code" data-link-type="attribute" data-readonly="" data-type="DOMString" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-sourcefile">sourceFile</a>;
-    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">unsigned</span> <span class="kt">short</span> <a class="nv idl-code" data-link-type="attribute" data-readonly="" data-type="unsigned short" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-statuscode">statusCode</a>;
-    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">long</span>           <a class="nv idl-code" data-link-type="attribute" data-readonly="" data-type="long" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-linenumber">lineNumber</a>;
-    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">long</span>           <a class="nv idl-code" data-link-type="attribute" data-readonly="" data-type="long" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-columnnumber">columnNumber</a>;
+    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">DOMString</span>      <dfn class="nv dfn-paneled idl-code" data-dfn-for="SecurityPolicyViolationEvent" data-dfn-type="attribute" data-export="" data-readonly="" data-type="DOMString" id="dom-securitypolicyviolationevent-documenturi">documentURI</dfn>;
+    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">DOMString</span>      <dfn class="nv dfn-paneled idl-code" data-dfn-for="SecurityPolicyViolationEvent" data-dfn-type="attribute" data-export="" data-readonly="" data-type="DOMString" id="dom-securitypolicyviolationevent-referrer">referrer</dfn>;
+    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">DOMString</span>      <dfn class="nv dfn-paneled idl-code" data-dfn-for="SecurityPolicyViolationEvent" data-dfn-type="attribute" data-export="" data-readonly="" data-type="DOMString" id="dom-securitypolicyviolationevent-blockeduri">blockedURI</dfn>;
+    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">DOMString</span>      <dfn class="nv dfn-paneled idl-code" data-dfn-for="SecurityPolicyViolationEvent" data-dfn-type="attribute" data-export="" data-readonly="" data-type="DOMString" id="dom-securitypolicyviolationevent-violateddirective">violatedDirective</dfn>;
+    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">DOMString</span>      <dfn class="nv dfn-paneled idl-code" data-dfn-for="SecurityPolicyViolationEvent" data-dfn-type="attribute" data-export="" data-readonly="" data-type="DOMString" id="dom-securitypolicyviolationevent-effectivedirective">effectiveDirective</dfn>;
+    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">DOMString</span>      <dfn class="nv dfn-paneled idl-code" data-dfn-for="SecurityPolicyViolationEvent" data-dfn-type="attribute" data-export="" data-readonly="" data-type="DOMString" id="dom-securitypolicyviolationevent-originalpolicy">originalPolicy</dfn>;
+    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">DOMString</span>      <dfn class="nv dfn-paneled idl-code" data-dfn-for="SecurityPolicyViolationEvent" data-dfn-type="attribute" data-export="" data-readonly="" data-type="DOMString" id="dom-securitypolicyviolationevent-sourcefile">sourceFile</dfn>;
+    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">unsigned</span> <span class="kt">short</span> <dfn class="nv dfn-paneled idl-code" data-dfn-for="SecurityPolicyViolationEvent" data-dfn-type="attribute" data-export="" data-readonly="" data-type="unsigned short" id="dom-securitypolicyviolationevent-statuscode">statusCode</dfn>;
+    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">long</span>           <dfn class="nv dfn-paneled idl-code" data-dfn-for="SecurityPolicyViolationEvent" data-dfn-type="attribute" data-export="" data-readonly="" data-type="long" id="dom-securitypolicyviolationevent-linenumber">lineNumber</dfn>;
+    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">long</span>           <dfn class="nv dfn-paneled idl-code" data-dfn-for="SecurityPolicyViolationEvent" data-dfn-type="attribute" data-export="" data-readonly="" data-type="long" id="dom-securitypolicyviolationevent-columnnumber">columnNumber</dfn>;
 };
 
-<span class="kt">dictionary</span> <a class="nv idl-code" data-link-type="dictionary" href="https://w3c.github.io/webappsec-csp/#dictdef-securitypolicyviolationeventinit">SecurityPolicyViolationEventInit</a> : <a class="n" data-link-type="idl-name" href="https://dom.spec.whatwg.org/#dictdef-eventinit">EventInit</a> {
-    <span class="kt">DOMString</span>      <a class="nv idl-code" data-link-type="dict-member" data-type="DOMString      " href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationeventinit-documenturi">documentURI</a>;
-    <span class="kt">DOMString</span>      <a class="nv idl-code" data-link-type="dict-member" data-type="DOMString      " href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationeventinit-referrer">referrer</a>;
-    <span class="kt">DOMString</span>      <a class="nv idl-code" data-link-type="dict-member" data-type="DOMString      " href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationeventinit-blockeduri">blockedURI</a>;
-    <span class="kt">DOMString</span>      <a class="nv idl-code" data-link-type="dict-member" data-type="DOMString      " href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationeventinit-violateddirective">violatedDirective</a>;
-    <span class="kt">DOMString</span>      <a class="nv idl-code" data-link-type="dict-member" data-type="DOMString      " href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationeventinit-effectivedirective">effectiveDirective</a>;
-    <span class="kt">DOMString</span>      <a class="nv idl-code" data-link-type="dict-member" data-type="DOMString      " href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationeventinit-originalpolicy">originalPolicy</a>;
-    <span class="kt">DOMString</span>      <a class="nv idl-code" data-link-type="dict-member" data-type="DOMString      " href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationeventinit-sourcefile">sourceFile</a>;
-    <span class="kt">unsigned</span> <span class="kt">short</span> <a class="nv idl-code" data-link-type="dict-member" data-type="unsigned short " href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationeventinit-statuscode">statusCode</a>;
-    <span class="kt">long</span>           <a class="nv idl-code" data-link-type="dict-member" data-type="long           " href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationeventinit-linenumber">lineNumber</a>;
-    <span class="kt">long</span>           <a class="nv idl-code" data-link-type="dict-member" data-type="long           " href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationeventinit-columnnumber">columnNumber</a>;
+<span class="kt">dictionary</span> <dfn class="nv dfn-paneled idl-code" data-dfn-type="dictionary" data-export="" id="dictdef-securitypolicyviolationeventinit">SecurityPolicyViolationEventInit</dfn> : <a class="n" data-link-type="idl-name" href="https://dom.spec.whatwg.org/#dictdef-eventinit">EventInit</a> {
+    <span class="kt">DOMString</span>      <dfn class="nv idl-code" data-dfn-for="SecurityPolicyViolationEventInit" data-dfn-type="dict-member" data-export="" data-type="DOMString      " id="dom-securitypolicyviolationeventinit-documenturi">documentURI<a class="self-link" href="#dom-securitypolicyviolationeventinit-documenturi"></a></dfn>;
+    <span class="kt">DOMString</span>      <dfn class="nv idl-code" data-dfn-for="SecurityPolicyViolationEventInit" data-dfn-type="dict-member" data-export="" data-type="DOMString      " id="dom-securitypolicyviolationeventinit-referrer">referrer<a class="self-link" href="#dom-securitypolicyviolationeventinit-referrer"></a></dfn>;
+    <span class="kt">DOMString</span>      <dfn class="nv idl-code" data-dfn-for="SecurityPolicyViolationEventInit" data-dfn-type="dict-member" data-export="" data-type="DOMString      " id="dom-securitypolicyviolationeventinit-blockeduri">blockedURI<a class="self-link" href="#dom-securitypolicyviolationeventinit-blockeduri"></a></dfn>;
+    <span class="kt">DOMString</span>      <dfn class="nv idl-code" data-dfn-for="SecurityPolicyViolationEventInit" data-dfn-type="dict-member" data-export="" data-type="DOMString      " id="dom-securitypolicyviolationeventinit-violateddirective">violatedDirective<a class="self-link" href="#dom-securitypolicyviolationeventinit-violateddirective"></a></dfn>;
+    <span class="kt">DOMString</span>      <dfn class="nv idl-code" data-dfn-for="SecurityPolicyViolationEventInit" data-dfn-type="dict-member" data-export="" data-type="DOMString      " id="dom-securitypolicyviolationeventinit-effectivedirective">effectiveDirective<a class="self-link" href="#dom-securitypolicyviolationeventinit-effectivedirective"></a></dfn>;
+    <span class="kt">DOMString</span>      <dfn class="nv idl-code" data-dfn-for="SecurityPolicyViolationEventInit" data-dfn-type="dict-member" data-export="" data-type="DOMString      " id="dom-securitypolicyviolationeventinit-originalpolicy">originalPolicy<a class="self-link" href="#dom-securitypolicyviolationeventinit-originalpolicy"></a></dfn>;
+    <span class="kt">DOMString</span>      <dfn class="nv idl-code" data-dfn-for="SecurityPolicyViolationEventInit" data-dfn-type="dict-member" data-export="" data-type="DOMString      " id="dom-securitypolicyviolationeventinit-sourcefile">sourceFile<a class="self-link" href="#dom-securitypolicyviolationeventinit-sourcefile"></a></dfn>;
+    <span class="kt">unsigned</span> <span class="kt">short</span> <dfn class="nv idl-code" data-dfn-for="SecurityPolicyViolationEventInit" data-dfn-type="dict-member" data-export="" data-type="unsigned short " id="dom-securitypolicyviolationeventinit-statuscode">statusCode<a class="self-link" href="#dom-securitypolicyviolationeventinit-statuscode"></a></dfn>;
+    <span class="kt">long</span>           <dfn class="nv idl-code" data-dfn-for="SecurityPolicyViolationEventInit" data-dfn-type="dict-member" data-export="" data-type="long           " id="dom-securitypolicyviolationeventinit-linenumber">lineNumber<a class="self-link" href="#dom-securitypolicyviolationeventinit-linenumber"></a></dfn>;
+    <span class="kt">long</span>           <dfn class="nv idl-code" data-dfn-for="SecurityPolicyViolationEventInit" data-dfn-type="dict-member" data-export="" data-type="long           " id="dom-securitypolicyviolationeventinit-columnnumber">columnNumber<a class="self-link" href="#dom-securitypolicyviolationeventinit-columnnumber"></a></dfn>;
 };
 </pre>
     <h3 class="heading settled" data-level="5.2" id="deprecated-serialize-violation"><span class="secno">5.2. </span><span class="content"> Obtain the deprecated serialization of <var>violation</var> </span><a class="self-link" href="#deprecated-serialize-violation"></a></h3>
@@ -2682,47 +2681,47 @@ <h3 class="heading settled" data-level="5.3" id="report-violation"><span class="
   as follows:</p>
       <dl>
        <dt data-md="">
-        <p><code class="idl"><a data-link-type="idl" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-documenturi">documentURI</a></code></p>
+        <p><code class="idl"><a data-link-type="idl" href="#dom-securitypolicyviolationevent-documenturi" id="ref-for-dom-securitypolicyviolationevent-documenturi-1">documentURI</a></code></p>
        <dd data-md="">
         <p><var>violation</var>’s <a data-link-type="dfn" href="#violation-url" id="ref-for-violation-url-2">url</a></p>
        <dt data-md="">
-        <p><code class="idl"><a data-link-type="idl" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-referrer">referrer</a></code></p>
+        <p><code class="idl"><a data-link-type="idl" href="#dom-securitypolicyviolationevent-referrer" id="ref-for-dom-securitypolicyviolationevent-referrer-1">referrer</a></code></p>
        <dd data-md="">
         <p><var>violation</var>’s <a data-link-type="dfn" href="#violation-referrer" id="ref-for-violation-referrer-3">referrer</a></p>
        <dt data-md="">
-        <p><code class="idl"><a data-link-type="idl" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-blockeduri">blockedURI</a></code></p>
+        <p><code class="idl"><a data-link-type="idl" href="#dom-securitypolicyviolationevent-blockeduri" id="ref-for-dom-securitypolicyviolationevent-blockeduri-1">blockedURI</a></code></p>
        <dd data-md="">
         <p><var>violation</var>’s <a data-link-type="dfn" href="#violation-resource" id="ref-for-violation-resource-7">resource</a></p>
        <dt data-md="">
-        <p><code class="idl"><a data-link-type="idl" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-effectivedirective">effectiveDirective</a></code></p>
+        <p><code class="idl"><a data-link-type="idl" href="#dom-securitypolicyviolationevent-effectivedirective" id="ref-for-dom-securitypolicyviolationevent-effectivedirective-1">effectiveDirective</a></code></p>
        <dd data-md="">
         <p><var>violation</var>’s <a data-link-type="dfn" href="#violation-effective-directive" id="ref-for-violation-effective-directive-4">effective directive</a></p>
        <dt data-md="">
-        <p><code class="idl"><a data-link-type="idl" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-violateddirective">violatedDirective</a></code></p>
+        <p><code class="idl"><a data-link-type="idl" href="#dom-securitypolicyviolationevent-violateddirective" id="ref-for-dom-securitypolicyviolationevent-violateddirective-1">violatedDirective</a></code></p>
        <dd data-md="">
         <p><var>violation</var>’s <a data-link-type="dfn" href="#violation-effective-directive" id="ref-for-violation-effective-directive-5">effective directive</a></p>
        <dt data-md="">
-        <p><code class="idl"><a data-link-type="idl" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-originalpolicy">originalPolicy</a></code></p>
+        <p><code class="idl"><a data-link-type="idl" href="#dom-securitypolicyviolationevent-originalpolicy" id="ref-for-dom-securitypolicyviolationevent-originalpolicy-1">originalPolicy</a></code></p>
        <dd data-md="">
         <p><var>violation</var>’s <a data-link-type="dfn" href="#violation-policy" id="ref-for-violation-policy-4">policy</a></p>
        <dt data-md="">
-        <p><code class="idl"><a data-link-type="idl" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-sourcefile">sourceFile</a></code></p>
+        <p><code class="idl"><a data-link-type="idl" href="#dom-securitypolicyviolationevent-sourcefile" id="ref-for-dom-securitypolicyviolationevent-sourcefile-1">sourceFile</a></code></p>
        <dd data-md="">
         <p><var>violation</var>’s <a data-link-type="dfn" href="#violation-source-file" id="ref-for-violation-source-file-4">source file</a></p>
        <dt data-md="">
-        <p><code class="idl"><a data-link-type="idl" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-statuscode">statusCode</a></code></p>
+        <p><code class="idl"><a data-link-type="idl" href="#dom-securitypolicyviolationevent-statuscode" id="ref-for-dom-securitypolicyviolationevent-statuscode-1">statusCode</a></code></p>
        <dd data-md="">
         <p><var>violation</var>’s <a data-link-type="dfn" href="#violation-status" id="ref-for-violation-status-3">status</a></p>
        <dt data-md="">
-        <p><code class="idl"><a data-link-type="idl" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-linenumber">lineNumber</a></code></p>
+        <p><code class="idl"><a data-link-type="idl" href="#dom-securitypolicyviolationevent-linenumber" id="ref-for-dom-securitypolicyviolationevent-linenumber-1">lineNumber</a></code></p>
        <dd data-md="">
         <p><var>violation</var>’s <a data-link-type="dfn" href="#violation-line-number" id="ref-for-violation-line-number-3">line number</a></p>
        <dt data-md="">
-        <p><code class="idl"><a data-link-type="idl" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-columnnumber">columnNumber</a></code></p>
+        <p><code class="idl"><a data-link-type="idl" href="#dom-securitypolicyviolationevent-columnnumber" id="ref-for-dom-securitypolicyviolationevent-columnnumber-1">columnNumber</a></code></p>
        <dd data-md="">
         <p><var>violation</var>’s <a data-link-type="dfn" href="#violation-column-number" id="ref-for-violation-column-number-3">column number</a></p>
       </dl>
-      <p class="note" role="note">Note: Both <code class="idl"><a data-link-type="idl" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-effectivedirective">effectiveDirective</a></code> and <code class="idl"><a data-link-type="idl" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-violateddirective">violatedDirective</a></code> are the same value.
+      <p class="note" role="note">Note: Both <code class="idl"><a data-link-type="idl" href="#dom-securitypolicyviolationevent-effectivedirective" id="ref-for-dom-securitypolicyviolationevent-effectivedirective-2">effectiveDirective</a></code> and <code class="idl"><a data-link-type="idl" href="#dom-securitypolicyviolationevent-violateddirective" id="ref-for-dom-securitypolicyviolationevent-violateddirective-2">violatedDirective</a></code> are the same value.
   This is intentional to maintain backwards compatibility.</p>
      <li data-md="">
       <p>If <var>violation</var>’s <a data-link-type="dfn" href="#violation-policy" id="ref-for-violation-policy-5">policy</a>’s <a data-link-type="dfn" href="#policy-directive-set" id="ref-for-policy-directive-set-6">directive
@@ -4796,8 +4795,20 @@ <h3 class="no-num no-ref heading settled" id="index-defined-here"><span class="c
    <li><a href="#grammardef-ancestor-source-list">ancestor-source-list</a><span>, in §6.3.2</span>
    <li><a href="#grammardef-base64-value">base64-value</a><span>, in §2.2.1</span>
    <li><a href="#base-uri">base-uri</a><span>, in §6.2.1</span>
+   <li>
+    blockedURI
+    <ul>
+     <li><a href="#dom-securitypolicyviolationevent-blockeduri">attribute for SecurityPolicyViolationEvent</a><span>, in §5.1</span>
+     <li><a href="#dom-securitypolicyviolationeventinit-blockeduri">dict-member for SecurityPolicyViolationEventInit</a><span>, in §5.1</span>
+    </ul>
    <li><a href="#child-src">child-src</a><span>, in §6.1.1</span>
    <li><a href="#violation-column-number">column number</a><span>, in §2.3</span>
+   <li>
+    columnNumber
+    <ul>
+     <li><a href="#dom-securitypolicyviolationevent-columnnumber">attribute for SecurityPolicyViolationEvent</a><span>, in §5.1</span>
+     <li><a href="#dom-securitypolicyviolationeventinit-columnnumber">dict-member for SecurityPolicyViolationEventInit</a><span>, in §5.1</span>
+    </ul>
    <li><a href="#connect-src">connect-src</a><span>, in §6.1.2</span>
    <li><a href="#header-content-security-policy">Content-Security-Policy</a><span>, in §3.1</span>
    <li><a href="#content-security-policy">Content Security Policy</a><span>, in §1</span>
@@ -4810,12 +4821,24 @@ <h3 class="no-num no-ref heading settled" id="index-defined-here"><span class="c
    <li><a href="#grammardef-directive-value">directive-value</a><span>, in §2.2</span>
    <li><a href="#disown-opener">disown-opener</a><span>, in §6.2.4</span>
    <li><a href="#policy-disposition">disposition</a><span>, in §2.1</span>
+   <li>
+    documentURI
+    <ul>
+     <li><a href="#dom-securitypolicyviolationevent-documenturi">attribute for SecurityPolicyViolationEvent</a><span>, in §5.1</span>
+     <li><a href="#dom-securitypolicyviolationeventinit-documenturi">dict-member for SecurityPolicyViolationEventInit</a><span>, in §5.1</span>
+    </ul>
    <li>
     effective directive
     <ul>
      <li><a href="#violation-effective-directive">dfn for violation</a><span>, in §2.3</span>
      <li><a href="#request-effective-directive">dfn for request</a><span>, in §6.6.1.7</span>
     </ul>
+   <li>
+    effectiveDirective
+    <ul>
+     <li><a href="#dom-securitypolicyviolationevent-effectivedirective">attribute for SecurityPolicyViolationEvent</a><span>, in §5.1</span>
+     <li><a href="#dom-securitypolicyviolationeventinit-effectivedirective">dict-member for SecurityPolicyViolationEventInit</a><span>, in §5.1</span>
+    </ul>
    <li><a href="#embedding-document">embedding document</a><span>, in §4.2</span>
    <li><a href="#enforced">enforced</a><span>, in §4.2</span>
    <li><a href="#can-compile-strings">EnsureCSPDoesNotBlockStringCompilation(callerRealm, calleeRealm)</a><span>, in §4.3</span>
@@ -4835,6 +4858,12 @@ <h3 class="no-num no-ref heading settled" id="index-defined-here"><span class="c
    <li><a href="#directive-inline-check">inline check</a><span>, in §2.2</span>
    <li><a href="#grammardef-keyword-source">keyword-source</a><span>, in §2.2.1</span>
    <li><a href="#violation-line-number">line number</a><span>, in §2.3</span>
+   <li>
+    lineNumber
+    <ul>
+     <li><a href="#dom-securitypolicyviolationevent-linenumber">attribute for SecurityPolicyViolationEvent</a><span>, in §5.1</span>
+     <li><a href="#dom-securitypolicyviolationeventinit-linenumber">dict-member for SecurityPolicyViolationEventInit</a><span>, in §5.1</span>
+    </ul>
    <li><a href="#manifest-src">manifest-src</a><span>, in §6.1.7</span>
    <li><a href="#media-src">media-src</a><span>, in §6.1.8</span>
    <li><a href="#grammardef-media-type">media-type</a><span>, in §6.2.2</span>
@@ -4845,6 +4874,12 @@ <h3 class="no-num no-ref heading settled" id="index-defined-here"><span class="c
    <li><a href="#grammardef-nonce-source">nonce-source</a><span>, in §2.2.1</span>
    <li><a href="#grammardef-none">'none'</a><span>, in §2.2.1</span>
    <li><a href="#object-src">object-src</a><span>, in §6.1.9</span>
+   <li>
+    originalPolicy
+    <ul>
+     <li><a href="#dom-securitypolicyviolationevent-originalpolicy">attribute for SecurityPolicyViolationEvent</a><span>, in §5.1</span>
+     <li><a href="#dom-securitypolicyviolationeventinit-originalpolicy">dict-member for SecurityPolicyViolationEventInit</a><span>, in §5.1</span>
+    </ul>
    <li><a href="#parse-serialized-policy">parse a serialized CSP</a><span>, in §2.1</span>
    <li><a href="#grammardef-path-part">path-part</a><span>, in §2.2.1</span>
    <li><a href="#plugin-types">plugin-types</a><span>, in §6.2.2</span>
@@ -4859,7 +4894,13 @@ <h3 class="no-num no-ref heading settled" id="index-defined-here"><span class="c
    <li><a href="#directive-post-request-check">post-request check</a><span>, in §2.2</span>
    <li><a href="#directive-pre-navigation-check">pre-navigation check</a><span>, in §2.2</span>
    <li><a href="#directive-pre-request-check">pre-request check</a><span>, in §2.2</span>
-   <li><a href="#violation-referrer">referrer</a><span>, in §2.3</span>
+   <li>
+    referrer
+    <ul>
+     <li><a href="#violation-referrer">dfn for violation</a><span>, in §2.3</span>
+     <li><a href="#dom-securitypolicyviolationevent-referrer">attribute for SecurityPolicyViolationEvent</a><span>, in §5.1</span>
+     <li><a href="#dom-securitypolicyviolationeventinit-referrer">dict-member for SecurityPolicyViolationEventInit</a><span>, in §5.1</span>
+    </ul>
    <li><a href="#report-to">report-to</a><span>, in §6.4.2</span>
    <li><a href="#report-uri">report-uri</a><span>, in §6.4.1</span>
    <li><a href="#violation-resource">resource</a><span>, in §2.3</span>
@@ -4869,6 +4910,9 @@ <h3 class="no-num no-ref heading settled" id="index-defined-here"><span class="c
    <li><a href="#grammardef-scheme-source">scheme-source</a><span>, in §2.2.1</span>
    <li><a href="#script-src">script-src</a><span>, in §6.1.10</span>
    <li><a href="#securitypolicyviolationevent">SecurityPolicyViolationEvent</a><span>, in §5.1</span>
+   <li><a href="#dictdef-securitypolicyviolationeventinit">SecurityPolicyViolationEventInit</a><span>, in §5.1</span>
+   <li><a href="#dom-securitypolicyviolationevent-securitypolicyviolationevent">SecurityPolicyViolationEvent(type)</a><span>, in §5.1</span>
+   <li><a href="#dom-securitypolicyviolationevent-securitypolicyviolationevent">SecurityPolicyViolationEvent(type, eventInitDict)</a><span>, in §5.1</span>
    <li><a href="#grammardef-self">'self'</a><span>, in §2.2.1</span>
    <li><a href="#serialized-csp">serialized CSP</a><span>, in §2.1</span>
    <li><a href="#serialized-directive">serialized directive</a><span>, in §2.2</span>
@@ -4880,8 +4924,20 @@ <h3 class="no-num no-ref heading settled" id="index-defined-here"><span class="c
    <li><a href="#grammardef-source-expression">source-expression</a><span>, in §2.2.1</span>
    <li><a href="#source-expression">source expression</a><span>, in §2.2.1</span>
    <li><a href="#violation-source-file">source file</a><span>, in §2.3</span>
+   <li>
+    sourceFile
+    <ul>
+     <li><a href="#dom-securitypolicyviolationevent-sourcefile">attribute for SecurityPolicyViolationEvent</a><span>, in §5.1</span>
+     <li><a href="#dom-securitypolicyviolationeventinit-sourcefile">dict-member for SecurityPolicyViolationEventInit</a><span>, in §5.1</span>
+    </ul>
    <li><a href="#source-lists">source lists</a><span>, in §2.2.1</span>
    <li><a href="#violation-status">status</a><span>, in §2.3</span>
+   <li>
+    statusCode
+    <ul>
+     <li><a href="#dom-securitypolicyviolationevent-statuscode">attribute for SecurityPolicyViolationEvent</a><span>, in §5.1</span>
+     <li><a href="#dom-securitypolicyviolationeventinit-statuscode">dict-member for SecurityPolicyViolationEventInit</a><span>, in §5.1</span>
+    </ul>
    <li><a href="#grammardef-strict-dynamic">'strict-dynamic'</a><span>, in §2.2.1</span>
    <li><a href="#style-src">style-src</a><span>, in §6.1.11</span>
    <li><a href="#grammardef-unsafe-eval">'unsafe-eval'</a><span>, in §2.2.1</span>
@@ -4889,6 +4945,12 @@ <h3 class="no-num no-ref heading settled" id="index-defined-here"><span class="c
    <li><a href="#grammardef-unsafe-inline">'unsafe-inline'</a><span>, in §2.2.1</span>
    <li><a href="#violation-url">url</a><span>, in §2.3</span>
    <li><a href="#directive-value">value</a><span>, in §2.2</span>
+   <li>
+    violatedDirective
+    <ul>
+     <li><a href="#dom-securitypolicyviolationevent-violateddirective">attribute for SecurityPolicyViolationEvent</a><span>, in §5.1</span>
+     <li><a href="#dom-securitypolicyviolationeventinit-violateddirective">dict-member for SecurityPolicyViolationEventInit</a><span>, in §5.1</span>
+    </ul>
    <li><a href="#violation">violation</a><span>, in §2.3</span>
    <li><a href="#violation-report">violation report</a><span>, in §5</span>
    <li><a href="#worker-src">worker-src</a><span>, in §6.1.12</span>
@@ -5094,24 +5156,6 @@ <h3 class="no-num no-ref heading settled" id="index-defined-elsewhere"><span cla
     <ul>
      <li><a href="https://www.w3.org/TR/workers/#worker">Worker</a>
     </ul>
-   <li>
-    <a data-link-type="biblio">[CSP1]</a> defines the following terms:
-    <ul>
-     <li><a href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-securitypolicyviolationevent">SecurityPolicyViolationEvent(type, eventInitDict)</a>
-     <li><a href="https://w3c.github.io/webappsec-csp/#dictdef-securitypolicyviolationeventinit">SecurityPolicyViolationEventInit</a>
-     <li><a href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-blockeduri">blockedURI</a>
-     <li><a href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-columnnumber">columnNumber</a>
-     <li><a href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-documenturi">documentURI</a>
-     <li><a href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-effectivedirective">effectiveDirective</a>
-     <li><a href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-securitypolicyviolationevent-type-eventinitdict-eventinitdict">eventInitDict</a>
-     <li><a href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-linenumber">lineNumber</a>
-     <li><a href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-originalpolicy">originalPolicy</a>
-     <li><a href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-referrer">referrer</a>
-     <li><a href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-sourcefile">sourceFile</a>
-     <li><a href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-statuscode">statusCode</a>
-     <li><a href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-securitypolicyviolationevent-type-eventinitdict-type">type</a>
-     <li><a href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-violateddirective">violatedDirective</a>
-    </ul>
    <li>
     <a data-link-type="biblio">[css-cascade-4]</a> defines the following terms:
     <ul>
@@ -5147,8 +5191,6 @@ <h3 class="no-num no-ref heading settled" id="index-defined-elsewhere"><span cla
   <h2 class="no-num no-ref heading settled" id="references"><span class="content">References</span><a class="self-link" href="#references"></a></h2>
   <h3 class="no-num no-ref heading settled" id="normative"><span class="content">Normative References</span><a class="self-link" href="#normative"></a></h3>
   <dl>
-   <dt id="biblio-csp1">[CSP1]
-   <dd>Brandon Sterne; Adam Barth. <a href="http://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-1.0-specification.html">Content Security Policy 1.0</a>. 19 February 2015. NOTE. URL: <a href="http://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-1.0-specification.html">http://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-1.0-specification.html</a>
    <dt id="biblio-css-cascade-4">[CSS-CASCADE-4]
    <dd>Elika Etemad; Tab Atkins Jr.. <a href="http://dev.w3.org/csswg/css-cascade/">CSS Cascading and Inheritance Level 4</a>. 14 January 2016. CR. URL: <a href="http://dev.w3.org/csswg/css-cascade/">http://dev.w3.org/csswg/css-cascade/</a>
    <dt id="biblio-cssom">[CSSOM]
@@ -5203,7 +5245,7 @@ <h3 class="no-num no-ref heading settled" id="normative"><span class="content">N
   <h3 class="no-num no-ref heading settled" id="informative"><span class="content">Informative References</span><a class="self-link" href="#informative"></a></h3>
   <dl>
    <dt id="biblio-appmanifest">[APPMANIFEST]
-   <dd>Marcos Caceres; et al. <a href="https://w3c.github.io/manifest/">Web App Manifest</a>. 14 July 2016. WD. URL: <a href="https://w3c.github.io/manifest/">https://w3c.github.io/manifest/</a>
+   <dd>Marcos Caceres; et al. <a href="https://w3c.github.io/manifest/">Web App Manifest</a>. 12 August 2016. WD. URL: <a href="https://w3c.github.io/manifest/">https://w3c.github.io/manifest/</a>
    <dt id="biblio-beacon">[BEACON]
    <dd>Ilya Grigorik; et al. <a href="https://w3c.github.io/beacon/">Beacon</a>. 29 June 2016. WD. URL: <a href="https://w3c.github.io/beacon/">https://w3c.github.io/beacon/</a>
    <dt id="biblio-csp2">[CSP2]
@@ -5217,7 +5259,7 @@ <h3 class="no-num no-ref heading settled" id="informative"><span class="content"
    <dt id="biblio-html-design">[HTML-DESIGN]
    <dd>Anne Van Kesteren; Maciej Stachowiak. <a href="https://www.w3.org/TR/html-design-principles/">HTML Design Principles</a>. URL: <a href="https://www.w3.org/TR/html-design-principles/">https://www.w3.org/TR/html-design-principles/</a>
    <dt id="biblio-mix">[MIX]
-   <dd>Mike West. <a href="https://w3c.github.io/webappsec/specs/mixedcontent/">Mixed Content</a>. 8 October 2015. CR. URL: <a href="https://w3c.github.io/webappsec/specs/mixedcontent/">https://w3c.github.io/webappsec/specs/mixedcontent/</a>
+   <dd>Mike West. <a href="https://w3c.github.io/webappsec-mixed-content/">Mixed Content</a>. 2 August 2016. CR. URL: <a href="https://w3c.github.io/webappsec-mixed-content/">https://w3c.github.io/webappsec-mixed-content/</a>
    <dt id="biblio-timing">[TIMING]
    <dd>Paul Stone. <a href="http://www.contextis.com/documents/2/Browser_Timing_Attacks.pdf">Pixel Perfect Timing Attacks with HTML5</a>. URL: <a href="http://www.contextis.com/documents/2/Browser_Timing_Attacks.pdf">http://www.contextis.com/documents/2/Browser_Timing_Attacks.pdf</a>
    <dt id="biblio-uisecurity">[UISECURITY]
@@ -5232,31 +5274,31 @@ <h3 class="no-num no-ref heading settled" id="informative"><span class="content"
    <dd>James Clark. <a href="https://www.w3.org/TR/xslt">XSL Transformations (XSLT) Version 1.0</a>. 16 November 1999. REC. URL: <a href="https://www.w3.org/TR/xslt">https://www.w3.org/TR/xslt</a>
   </dl>
   <h2 class="no-num no-ref heading settled" id="idl-index"><span class="content">IDL Index</span><a class="self-link" href="#idl-index"></a></h2>
-<pre class="idl def">[<a class="nv idl-code" data-link-type="constructor" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-securitypolicyviolationevent">Constructor</a>(<span class="kt">DOMString</span> <a class="nv idl-code" data-link-type="argument" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-securitypolicyviolationevent-type-eventinitdict-type">type</a>, <span class="kt">optional</span> <a class="n" data-link-type="idl-name" href="https://w3c.github.io/webappsec-csp/#dictdef-securitypolicyviolationeventinit">SecurityPolicyViolationEventInit</a> <a class="nv idl-code" data-link-type="argument" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-securitypolicyviolationevent-type-eventinitdict-eventinitdict">eventInitDict</a>)]
+<pre class="idl def">[<a class="nv" href="#dom-securitypolicyviolationevent-securitypolicyviolationevent">Constructor</a>(<span class="kt">DOMString</span> <a class="nv" href="#dom-securitypolicyviolationevent-securitypolicyviolationevent-type-eventinitdict-type">type</a>, <span class="kt">optional</span> <a class="n" data-link-type="idl-name" href="#dictdef-securitypolicyviolationeventinit">SecurityPolicyViolationEventInit</a> <a class="nv" href="#dom-securitypolicyviolationevent-securitypolicyviolationevent-type-eventinitdict-eventinitdict">eventInitDict</a>)]
 <span class="kt">interface</span> <a class="nv" href="#securitypolicyviolationevent">SecurityPolicyViolationEvent</a> : <a class="n" data-link-type="idl-name" href="https://dom.spec.whatwg.org/#event">Event</a> {
-    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">DOMString</span>      <a class="nv idl-code" data-link-type="attribute" data-readonly="" data-type="DOMString" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-documenturi">documentURI</a>;
-    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">DOMString</span>      <a class="nv idl-code" data-link-type="attribute" data-readonly="" data-type="DOMString" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-referrer">referrer</a>;
-    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">DOMString</span>      <a class="nv idl-code" data-link-type="attribute" data-readonly="" data-type="DOMString" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-blockeduri">blockedURI</a>;
-    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">DOMString</span>      <a class="nv idl-code" data-link-type="attribute" data-readonly="" data-type="DOMString" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-violateddirective">violatedDirective</a>;
-    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">DOMString</span>      <a class="nv idl-code" data-link-type="attribute" data-readonly="" data-type="DOMString" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-effectivedirective">effectiveDirective</a>;
-    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">DOMString</span>      <a class="nv idl-code" data-link-type="attribute" data-readonly="" data-type="DOMString" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-originalpolicy">originalPolicy</a>;
-    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">DOMString</span>      <a class="nv idl-code" data-link-type="attribute" data-readonly="" data-type="DOMString" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-sourcefile">sourceFile</a>;
-    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">unsigned</span> <span class="kt">short</span> <a class="nv idl-code" data-link-type="attribute" data-readonly="" data-type="unsigned short" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-statuscode">statusCode</a>;
-    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">long</span>           <a class="nv idl-code" data-link-type="attribute" data-readonly="" data-type="long" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-linenumber">lineNumber</a>;
-    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">long</span>           <a class="nv idl-code" data-link-type="attribute" data-readonly="" data-type="long" href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationevent-columnnumber">columnNumber</a>;
+    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">DOMString</span>      <a class="nv" data-readonly="" data-type="DOMString" href="#dom-securitypolicyviolationevent-documenturi">documentURI</a>;
+    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">DOMString</span>      <a class="nv" data-readonly="" data-type="DOMString" href="#dom-securitypolicyviolationevent-referrer">referrer</a>;
+    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">DOMString</span>      <a class="nv" data-readonly="" data-type="DOMString" href="#dom-securitypolicyviolationevent-blockeduri">blockedURI</a>;
+    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">DOMString</span>      <a class="nv" data-readonly="" data-type="DOMString" href="#dom-securitypolicyviolationevent-violateddirective">violatedDirective</a>;
+    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">DOMString</span>      <a class="nv" data-readonly="" data-type="DOMString" href="#dom-securitypolicyviolationevent-effectivedirective">effectiveDirective</a>;
+    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">DOMString</span>      <a class="nv" data-readonly="" data-type="DOMString" href="#dom-securitypolicyviolationevent-originalpolicy">originalPolicy</a>;
+    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">DOMString</span>      <a class="nv" data-readonly="" data-type="DOMString" href="#dom-securitypolicyviolationevent-sourcefile">sourceFile</a>;
+    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">unsigned</span> <span class="kt">short</span> <a class="nv" data-readonly="" data-type="unsigned short" href="#dom-securitypolicyviolationevent-statuscode">statusCode</a>;
+    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">long</span>           <a class="nv" data-readonly="" data-type="long" href="#dom-securitypolicyviolationevent-linenumber">lineNumber</a>;
+    <span class="kt">readonly</span>    <span class="kt">attribute</span> <span class="kt">long</span>           <a class="nv" data-readonly="" data-type="long" href="#dom-securitypolicyviolationevent-columnnumber">columnNumber</a>;
 };
 
-<span class="kt">dictionary</span> <a class="nv idl-code" data-link-type="dictionary" href="https://w3c.github.io/webappsec-csp/#dictdef-securitypolicyviolationeventinit">SecurityPolicyViolationEventInit</a> : <a class="n" data-link-type="idl-name" href="https://dom.spec.whatwg.org/#dictdef-eventinit">EventInit</a> {
-    <span class="kt">DOMString</span>      <a class="nv idl-code" data-link-type="dict-member" data-type="DOMString      " href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationeventinit-documenturi">documentURI</a>;
-    <span class="kt">DOMString</span>      <a class="nv idl-code" data-link-type="dict-member" data-type="DOMString      " href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationeventinit-referrer">referrer</a>;
-    <span class="kt">DOMString</span>      <a class="nv idl-code" data-link-type="dict-member" data-type="DOMString      " href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationeventinit-blockeduri">blockedURI</a>;
-    <span class="kt">DOMString</span>      <a class="nv idl-code" data-link-type="dict-member" data-type="DOMString      " href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationeventinit-violateddirective">violatedDirective</a>;
-    <span class="kt">DOMString</span>      <a class="nv idl-code" data-link-type="dict-member" data-type="DOMString      " href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationeventinit-effectivedirective">effectiveDirective</a>;
-    <span class="kt">DOMString</span>      <a class="nv idl-code" data-link-type="dict-member" data-type="DOMString      " href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationeventinit-originalpolicy">originalPolicy</a>;
-    <span class="kt">DOMString</span>      <a class="nv idl-code" data-link-type="dict-member" data-type="DOMString      " href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationeventinit-sourcefile">sourceFile</a>;
-    <span class="kt">unsigned</span> <span class="kt">short</span> <a class="nv idl-code" data-link-type="dict-member" data-type="unsigned short " href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationeventinit-statuscode">statusCode</a>;
-    <span class="kt">long</span>           <a class="nv idl-code" data-link-type="dict-member" data-type="long           " href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationeventinit-linenumber">lineNumber</a>;
-    <span class="kt">long</span>           <a class="nv idl-code" data-link-type="dict-member" data-type="long           " href="https://w3c.github.io/webappsec-csp/#dom-securitypolicyviolationeventinit-columnnumber">columnNumber</a>;
+<span class="kt">dictionary</span> <a class="nv" href="#dictdef-securitypolicyviolationeventinit">SecurityPolicyViolationEventInit</a> : <a class="n" data-link-type="idl-name" href="https://dom.spec.whatwg.org/#dictdef-eventinit">EventInit</a> {
+    <span class="kt">DOMString</span>      <a class="nv" data-type="DOMString      " href="#dom-securitypolicyviolationeventinit-documenturi">documentURI</a>;
+    <span class="kt">DOMString</span>      <a class="nv" data-type="DOMString      " href="#dom-securitypolicyviolationeventinit-referrer">referrer</a>;
+    <span class="kt">DOMString</span>      <a class="nv" data-type="DOMString      " href="#dom-securitypolicyviolationeventinit-blockeduri">blockedURI</a>;
+    <span class="kt">DOMString</span>      <a class="nv" data-type="DOMString      " href="#dom-securitypolicyviolationeventinit-violateddirective">violatedDirective</a>;
+    <span class="kt">DOMString</span>      <a class="nv" data-type="DOMString      " href="#dom-securitypolicyviolationeventinit-effectivedirective">effectiveDirective</a>;
+    <span class="kt">DOMString</span>      <a class="nv" data-type="DOMString      " href="#dom-securitypolicyviolationeventinit-originalpolicy">originalPolicy</a>;
+    <span class="kt">DOMString</span>      <a class="nv" data-type="DOMString      " href="#dom-securitypolicyviolationeventinit-sourcefile">sourceFile</a>;
+    <span class="kt">unsigned</span> <span class="kt">short</span> <a class="nv" data-type="unsigned short " href="#dom-securitypolicyviolationeventinit-statuscode">statusCode</a>;
+    <span class="kt">long</span>           <a class="nv" data-type="long           " href="#dom-securitypolicyviolationeventinit-linenumber">lineNumber</a>;
+    <span class="kt">long</span>           <a class="nv" data-type="long           " href="#dom-securitypolicyviolationeventinit-columnnumber">columnNumber</a>;
 };
 
 </pre>
@@ -5272,7 +5314,6 @@ <h2 class="no-num no-ref heading settled" id="issues-index"><span class="content
    <div class="issue"> Stylesheet loading is not yet integrated with
   Fetch in WHATWG’s HTML. <a href="https://github.com/whatwg/html/issues/968">&lt;https://github.com/whatwg/html/issues/968></a><a href="#issue-25da4fba"> ↵ </a></div>
    <div class="issue"> This hook is missing from W3C’s HTML. <a href="https://github.com/w3c/html/issues/547">&lt;https://github.com/w3c/html/issues/547></a><a href="#issue-5faf83e6"> ↵ </a></div>
-   <div class="issue"> Upstream this to HTML. <a href="https://github.com/whatwg/html/issues/1230">&lt;https://github.com/whatwg/html/issues/1230></a><a href="#issue-10e3374e"> ↵ </a></div>
    <div class="issue"> W3C’s HTML is not based on Fetch, and does not
   have a <a data-link-type="dfn" href="https://html.spec.whatwg.org/multipage/browsers.html#process-a-navigate-response">process a navigate response</a> algorithm into which to hook. <a href="https://github.com/w3c/html/issues/548">&lt;https://github.com/w3c/html/issues/548></a><a href="#issue-7b0f92da"> ↵ </a></div>
    <div class="issue"> This needs to be better explained.<a href="#issue-ba1a0a35"> ↵ </a></div>
@@ -6232,6 +6273,83 @@ <h2 class="no-num no-ref heading settled" id="issues-index"><span class="content
     Report a violation </a> <a href="#ref-for-securitypolicyviolationevent-2">(2)</a>
    </ul>
   </aside>
+  <aside class="dfn-panel" data-for="dom-securitypolicyviolationevent-documenturi">
+   <b><a href="#dom-securitypolicyviolationevent-documenturi">#dom-securitypolicyviolationevent-documenturi</a></b><b>Referenced in:</b>
+   <ul>
+    <li><a href="#ref-for-dom-securitypolicyviolationevent-documenturi-1">5.3. 
+    Report a violation </a>
+   </ul>
+  </aside>
+  <aside class="dfn-panel" data-for="dom-securitypolicyviolationevent-referrer">
+   <b><a href="#dom-securitypolicyviolationevent-referrer">#dom-securitypolicyviolationevent-referrer</a></b><b>Referenced in:</b>
+   <ul>
+    <li><a href="#ref-for-dom-securitypolicyviolationevent-referrer-1">5.3. 
+    Report a violation </a>
+   </ul>
+  </aside>
+  <aside class="dfn-panel" data-for="dom-securitypolicyviolationevent-blockeduri">
+   <b><a href="#dom-securitypolicyviolationevent-blockeduri">#dom-securitypolicyviolationevent-blockeduri</a></b><b>Referenced in:</b>
+   <ul>
+    <li><a href="#ref-for-dom-securitypolicyviolationevent-blockeduri-1">5.3. 
+    Report a violation </a>
+   </ul>
+  </aside>
+  <aside class="dfn-panel" data-for="dom-securitypolicyviolationevent-violateddirective">
+   <b><a href="#dom-securitypolicyviolationevent-violateddirective">#dom-securitypolicyviolationevent-violateddirective</a></b><b>Referenced in:</b>
+   <ul>
+    <li><a href="#ref-for-dom-securitypolicyviolationevent-violateddirective-1">5.3. 
+    Report a violation </a> <a href="#ref-for-dom-securitypolicyviolationevent-violateddirective-2">(2)</a>
+   </ul>
+  </aside>
+  <aside class="dfn-panel" data-for="dom-securitypolicyviolationevent-effectivedirective">
+   <b><a href="#dom-securitypolicyviolationevent-effectivedirective">#dom-securitypolicyviolationevent-effectivedirective</a></b><b>Referenced in:</b>
+   <ul>
+    <li><a href="#ref-for-dom-securitypolicyviolationevent-effectivedirective-1">5.3. 
+    Report a violation </a> <a href="#ref-for-dom-securitypolicyviolationevent-effectivedirective-2">(2)</a>
+   </ul>
+  </aside>
+  <aside class="dfn-panel" data-for="dom-securitypolicyviolationevent-originalpolicy">
+   <b><a href="#dom-securitypolicyviolationevent-originalpolicy">#dom-securitypolicyviolationevent-originalpolicy</a></b><b>Referenced in:</b>
+   <ul>
+    <li><a href="#ref-for-dom-securitypolicyviolationevent-originalpolicy-1">5.3. 
+    Report a violation </a>
+   </ul>
+  </aside>
+  <aside class="dfn-panel" data-for="dom-securitypolicyviolationevent-sourcefile">
+   <b><a href="#dom-securitypolicyviolationevent-sourcefile">#dom-securitypolicyviolationevent-sourcefile</a></b><b>Referenced in:</b>
+   <ul>
+    <li><a href="#ref-for-dom-securitypolicyviolationevent-sourcefile-1">5.3. 
+    Report a violation </a>
+   </ul>
+  </aside>
+  <aside class="dfn-panel" data-for="dom-securitypolicyviolationevent-statuscode">
+   <b><a href="#dom-securitypolicyviolationevent-statuscode">#dom-securitypolicyviolationevent-statuscode</a></b><b>Referenced in:</b>
+   <ul>
+    <li><a href="#ref-for-dom-securitypolicyviolationevent-statuscode-1">5.3. 
+    Report a violation </a>
+   </ul>
+  </aside>
+  <aside class="dfn-panel" data-for="dom-securitypolicyviolationevent-linenumber">
+   <b><a href="#dom-securitypolicyviolationevent-linenumber">#dom-securitypolicyviolationevent-linenumber</a></b><b>Referenced in:</b>
+   <ul>
+    <li><a href="#ref-for-dom-securitypolicyviolationevent-linenumber-1">5.3. 
+    Report a violation </a>
+   </ul>
+  </aside>
+  <aside class="dfn-panel" data-for="dom-securitypolicyviolationevent-columnnumber">
+   <b><a href="#dom-securitypolicyviolationevent-columnnumber">#dom-securitypolicyviolationevent-columnnumber</a></b><b>Referenced in:</b>
+   <ul>
+    <li><a href="#ref-for-dom-securitypolicyviolationevent-columnnumber-1">5.3. 
+    Report a violation </a>
+   </ul>
+  </aside>
+  <aside class="dfn-panel" data-for="dictdef-securitypolicyviolationeventinit">
+   <b><a href="#dictdef-securitypolicyviolationeventinit">#dictdef-securitypolicyviolationeventinit</a></b><b>Referenced in:</b>
+   <ul>
+    <li><a href="#ref-for-dictdef-securitypolicyviolationeventinit-1">5.1. 
+    Violation DOM Events </a>
+   </ul>
+  </aside>
   <aside class="dfn-panel" data-for="fetch-directives">
    <b><a href="#fetch-directives">#fetch-directives</a></b><b>Referenced in:</b>
    <ul>
diff --git a/index.src.html b/index.src.html
index 44199c9719..8c42677ef6 100644
--- a/index.src.html
+++ b/index.src.html
@@ -1147,8 +1147,6 @@ <h3 id="html-integration">
       is called during the <a>process a navigate response</a> algorithm to
       apply directive's navigation checks.
 
-      ISSUE(whatwg/html#1230): Upstream this to HTML.
-
       ISSUE(w3c/html#548): W3C's HTML is not based on Fetch, and does not
       have a <a>process a navigate response</a> algorithm into which to hook.