Content Security Policy

GPTKB entity

Statements (46)
Predicate Object
gptkbp:instanceOf web security standard
gptkbp:abbreviation gptkb:CSP
gptkbp:appliesTo web applications
web browsers
gptkbp:category gptkb:standard
web development
web security
gptkbp:definedIn HTTP response header
gptkbp:developedBy gptkb:World_Wide_Web_Consortium
gptkbp:directive connect-src
default-src
font-src
frame-src
img-src
media-src
object-src
report-to
report-uri
script-src
style-src
gptkbp:enforcedBy gptkb:server
browser
gptkbp:firstPublished 2012
gptkbp:headerName gptkb:Content-Security-Policy
gptkb:Content-Security-Policy-Report-Only
https://www.w3.org/2000/01/rdf-schema#label Content Security Policy
gptkbp:latestReleaseVersion Level 3
gptkbp:prevention code injection
data theft
malicious script execution
gptkbp:purpose mitigate data injection attacks
prevent cross-site scripting
gptkbp:relatedStandard gptkb:HTTP_Strict_Transport_Security
Referrer-Policy
X-Frame-Options
gptkbp:RFC gptkb:W3C_Recommendation
gptkbp:status gptkb:standard
gptkbp:supportedBy gptkb:Google_Chrome
gptkb:Mozilla_Firefox
gptkb:opera
gptkb:Microsoft_Edge
gptkb:Safari
gptkbp:website https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
https://www.w3.org/TR/CSP3/
gptkbp:bfsParent gptkb:Web_Security_Working_Group
gptkbp:bfsLayer 4