canmove, Confirmed users
1,537
edits
Security/CSP/Specification: Difference between revisions
no edit summary
m (→Directives) |
No edit summary |
||
| (3 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
This specification document is DEPRECATED (old and crusty). The W3C has undertaken standardization of CSP and you can find the [http://www.w3.org/TR/CSP/ W3C spec here]. | |||
=Specification= | =Specification= | ||
| Line 221: | Line 223: | ||
<ldh-str> ::= <let-dig-hyp> | <ldh-str> ::= <let-dig-hyp> | ||
| <ldh- | | <ldh-str><let-dig-hyp> | ||
<let-dig-hyp> ::= <letter> | <digit> | "-" | <let-dig-hyp> ::= <letter> | <digit> | "-" | ||
| Line 293: | Line 295: | ||
"blocked-uri": "<nowiki>http://evil.com/some_image.png</nowiki>", | "blocked-uri": "<nowiki>http://evil.com/some_image.png</nowiki>", | ||
"violated-directive": "img-src 'self'", | "violated-directive": "img-src 'self'", | ||
"original-policy": "allow 'none'; img-src * | "original-policy": "allow 'none'; img-src *; allow 'self'; img-src 'self'" | ||
} | } | ||
} | } | ||