Security/CSP/Sandbox

From MozillaWiki
Revision as of 01:03, 5 November 2009 by Abarth

Overview

In this design, the content restrictions are based on the "sandbox" attribute of frames in HTML5.

Syntax

An HTTP server can deliver a policy to the browser by including a header named X-Sandbox. The X-Sandbox header has the following syntax:

content-security-policy = "x-sandbox" ":" OWS directive-list OWS
directive-list          = directive [SP directive-list]
directive               = "allow-same-origin" / "allow-forms" / "allow-scripts"
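
A strict parser for the header value that follows the grammar above, as an added example that is not part of the original wiki page. The function names and the choice to return null for a non-conforming value are assumptions, since the page does not say how a browser treats a malformed header.

```javascript
// Added example: strict parser for the X-Sandbox header value per the ABNF above.
// parseXSandbox / stillRestricted are hypothetical names, not browser APIs.
const DIRECTIVES = new Set(["allow-same-origin", "allow-forms", "allow-scripts"]);

// Returns a Set of granted directives, or null if the value does not match
// the grammar (null-on-error is an assumption of this example).
function parseXSandbox(value) {
  if (typeof value !== "string") return null;
  // OWS (optional SP / HTAB) is permitted only before and after the list.
  const list = value.replace(/^[ \t]*/, "").replace(/[ \t]*$/, "");
  // directive-list needs at least one directive, so an empty value is invalid.
  if (list === "") return null;
  const allowed = new Set();
  // Directives are separated by exactly one SP. A double space or an interior
  // tab yields an empty or unknown token, which is rejected below.
  for (const token of list.split(" ")) {
    // Quoted ABNF strings match case-insensitively (RFC 5234).
    const name = token.toLowerCase();
    if (!DIRECTIVES.has(name)) return null;
    allowed.add(name); // repeated directives are valid and collapse to one
  }
  return allowed;
}

// Directives the policy did not grant. The sandbox model is an allow-list:
// anything not named in the header stays restricted.
function stillRestricted(allowed) {
  return [...DIRECTIVES].filter((d) => !allowed.has(d));
}

// Constructed sample header values (not taken from real traffic).
const samples = [
  "allow-forms allow-scripts",   // valid
  " Allow-Same-Origin\t",        // valid: OWS at both ends, mixed case
  "allow-forms  allow-scripts",  // invalid: two spaces between directives
  "allow-forms allow-popups",    // invalid: directive not in the grammar
  "",                            // invalid: no directive at all
];
for (const v of samples) {
  const parsed = parseXSandbox(v);
  console.log(JSON.stringify(v), "=>",
    parsed ? `restricted: [${stillRestricted(parsed).join(", ")}]` : "rejected");
}
```
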

ddd

Semantics

ggg