https://github.com/mikewest/csp-next … is a thought experiment: what if we broke CSP in half, removed some esoteric options, and built policy primitives that specifically targeted XSS on the one hand, and resource confinement on the other?
-
-
As you know, I’ve long been a proponent of splitting up CSP. I even think a separate script control header is a good idea. Is it that similar to what you want?
-
I was thinking about you while writing this doc. I think it says things you will appreciate. And if you can find a reasonable way to inject "Architecture" into the naming, that's fine by me. :)
- Još 1 odgovor
Novi razgovor -
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.
)