Content-Security-Policy

GPTKB entity

Statements (56)
Predicate Object
gptkbp:instanceOf web security standard
gptkbp:abbreviation gptkb:CSP
gptkbp:appliesTo web browsers
gptkbp:category gptkb:standard
web security
HTTP header
gptkbp:controls sources of content
gptkbp:definedIn gptkb:W3C
gptkbp:directive sandbox
connect-src
default-src
font-src
frame-src
img-src
media-src
object-src
report-to
report-uri
script-src
style-src
base-uri
block-all-mixed-content
child-src
form-action
frame-ancestors
manifest-src
navigate-to
require-sri-for
upgrade-insecure-requests
worker-src
script-src-attr
script-src-elem
style-src-attr
style-src-elem
trusted-types
gptkbp:enforcedBy gptkb:meta_element
HTTP response header
gptkbp:firstPublished 2012
https://www.w3.org/2000/01/rdf-schema#label Content-Security-Policy
gptkbp:latestReleaseVersion Level 3
gptkbp:purpose mitigate data injection attacks
prevent cross-site scripting
gptkbp:relatedTo gptkb:HTTP_Strict_Transport_Security
gptkb:Subresource_Integrity
Referrer-Policy
X-Content-Security-Policy
X-WebKit-CSP
Feature-Policy
gptkbp:status recommended for all modern websites
gptkbp:supportedBy gptkb:opera
gptkb:Edge
gptkb:Safari
gptkb:Firefox
gptkb:Chrome
gptkbp:bfsParent gptkb:Content_Security_Policy
gptkbp:bfsLayer 5