Security/CSP/CSRFModule: Difference between revisions

Jump to navigation Jump to search

Security/CSP/CSRFModule (view source)

Revision as of 18:06, 22 October 2009

68 bytes added ,  22 October 2009
→‎anti-csrf
 
Line 37: Line 37:
<li>When the user agent submits any HTTP request in context of the document with enabled CSP <tt>anti-csrf</tt> directive, where such request is classified as one of:
<li>When the user agent submits any HTTP request in context of the document with enabled CSP <tt>anti-csrf</tt> directive, where such request is classified as one of:
<ol style="list-style-type:lower-alpha">
<ol style="list-style-type:lower-alpha">
<li>external resource load (e.g., <tt>img src</tt>, <tt>link href</tt>, <tt>script src</tt>, <tt>iframe src</tt>, etc.),</li>
<li>external resource load (e.g., <tt>&lt;img src=&hellip;&gt;</tt>, <tt>&lt;link href=&hellip;&gt;</tt>, <tt>&lt;script src=&hellip;&gt;</tt>, <tt>&lt;iframe src=&hellip;&gt;</tt>, etc.),</li>
<li>link activation,</li>
<li>link activation,</li>
<li>form action,</li>
<li>form action,</li>
Mtl
35

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/177780"

Navigation menu