gptkbp:instanceOf
|
web security standard
|
gptkbp:abbreviation
|
gptkb:CSP
|
gptkbp:appliesTo
|
web applications
web browsers
|
gptkbp:category
|
gptkb:standard
web development
web security
|
gptkbp:definedIn
|
HTTP response header
|
gptkbp:developedBy
|
gptkb:World_Wide_Web_Consortium
|
gptkbp:directive
|
connect-src
default-src
font-src
frame-src
img-src
media-src
object-src
report-to
report-uri
script-src
style-src
|
gptkbp:enforcedBy
|
gptkb:server
browser
|
gptkbp:firstPublished
|
2012
|
gptkbp:headerName
|
gptkb:Content-Security-Policy
gptkb:Content-Security-Policy-Report-Only
|
https://www.w3.org/2000/01/rdf-schema#label
|
Content Security Policy
|
gptkbp:latestReleaseVersion
|
Level 3
|
gptkbp:prevention
|
code injection
data theft
malicious script execution
|
gptkbp:purpose
|
mitigate data injection attacks
prevent cross-site scripting
|
gptkbp:relatedStandard
|
gptkb:HTTP_Strict_Transport_Security
Referrer-Policy
X-Frame-Options
|
gptkbp:RFC
|
gptkb:W3C_Recommendation
|
gptkbp:status
|
gptkb:standard
|
gptkbp:supportedBy
|
gptkb:Google_Chrome
gptkb:Mozilla_Firefox
gptkb:opera
gptkb:Microsoft_Edge
gptkb:Safari
|
gptkbp:website
|
https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
https://www.w3.org/TR/CSP3/
|
gptkbp:bfsParent
|
gptkb:Web_Security_Working_Group
|
gptkbp:bfsLayer
|
4
|