The Web Application Security Working Group has published a Candidate Recommendation of Content Security Policy Level 2.
This specification updates Content Security Policy,
fine-tuning the existing policy options, and introducing a number of new
mechanisms that site authors can use to mitigate the risk of content
injection and related attacks. Major differences from Content Security
Policy Level 1 may be found in Section 1.1 of the document.
With this publication, we move the earlier edition off the Recommendation Track to a Note (Content Security Policy 1.0) and invite implementers to share their experience with CSP Level 2. Learn more about the Security Activity.
With this publication, we move the earlier edition off the Recommendation Track to a Note (Content Security Policy 1.0) and invite implementers to share their experience with CSP Level 2. Learn more about the Security Activity.
No comments:
Post a Comment