public marks

PUBLIC MARKS with tags security & "cross-site scripting"


An Introduction to Content Security Policy - HTML5 Rocks

by dzc
Instead of blindly trusting everything that a server delivers, CSP defines the Content-Security-Policy HTTP header that allows you to create a whitelist of sources of trusted content, and instructs the browser to only execute or render resources from those sources. Even if an attacker can find a hole through which to inject script, the script won’t match the whitelist, and therefore won’t be executed.


PUBLIC TAGS related to tag security

administration +   aix +   apache +   beowulf +   bsd +   cluste +   community +   hacmp +   linux +   oracle +   plex +   rootvg +   solaris +   sunmanagers +   sysem +   tips +   unix +   usenet +   veritas +  

Active users

last mark : 02/09/2014 11:02