Statements (56)
Predicate | Object |
---|---|
gptkbp:instanceOf |
web security standard
|
gptkbp:abbreviation |
gptkb:CSP
|
gptkbp:appliesTo |
web browsers
|
gptkbp:category |
gptkb:standard
web security HTTP header |
gptkbp:controls |
sources of content
|
gptkbp:definedIn |
gptkb:W3C
|
gptkbp:directive |
sandbox
connect-src default-src font-src frame-src img-src media-src object-src report-to report-uri script-src style-src base-uri block-all-mixed-content child-src form-action frame-ancestors manifest-src navigate-to require-sri-for upgrade-insecure-requests worker-src script-src-attr script-src-elem style-src-attr style-src-elem trusted-types |
gptkbp:enforcedBy |
gptkb:meta_element
HTTP response header |
gptkbp:firstPublished |
2012
|
https://www.w3.org/2000/01/rdf-schema#label |
Content-Security-Policy
|
gptkbp:latestReleaseVersion |
Level 3
|
gptkbp:purpose |
mitigate data injection attacks
prevent cross-site scripting |
gptkbp:relatedTo |
gptkb:HTTP_Strict_Transport_Security
gptkb:Subresource_Integrity Referrer-Policy X-Content-Security-Policy X-WebKit-CSP Feature-Policy |
gptkbp:status |
recommended for all modern websites
|
gptkbp:supportedBy |
gptkb:opera
gptkb:Edge gptkb:Safari gptkb:Firefox gptkb:Chrome |
gptkbp:bfsParent |
gptkb:Content_Security_Policy
|
gptkbp:bfsLayer |
5
|