当前位置:网站首页>关于 Web Content-Security-Policy Directive 通过 meta 元素指定的一些测试用例
关于 Web Content-Security-Policy Directive 通过 meta 元素指定的一些测试用例
2022-07-07 10:07:00 【InfoQ】
frame-src
测试1:3000 应用(即嵌入 3002 应用的 web 应用里)增加 frame-src
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="frame-src 'self'">
</head>
<h1>Parent</h1>
<iframe src="http://localhost:3002/csp"></iframe>
</html>
测试2
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="frame-src 'http://localhost:3002'">
</head>
<h1>Parent</h1>
<iframe src="http://localhost:3002/csp"></iframe>
</html>
*
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="frame-src http://localhost:3002/csp">
</head>
<h1>Parent</h1>
<iframe src="http://localhost:3002/csp"></iframe>
</html>
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="frame-src http://localhost:*/csp">
</head>
<h1>Parent</h1>
<iframe src="http://localhost:3002/csp"></iframe>
</html>
边栏推荐
- 一起探索云服务之云数据库
- Nuclear boat (I): when "male mothers" come into reality, can the biotechnology revolution liberate women?
- 请查收.NET MAUI 的最新学习资源
- Fleet tutorial 14 basic introduction to listtile (tutorial includes source code)
- 通过环境变量将 Pod 信息呈现给容器
- 小红书微服务框架及治理等云原生业务架构演进案例
- . Net Maui performance improvement
- 如何理解服装产业链及供应链
- [texture feature extraction] LBP image texture feature extraction based on MATLAB local binary mode [including Matlab source code 1931]
- 108. Network security penetration test - [privilege escalation 6] - [windows kernel overflow privilege escalation]
猜你喜欢
Zero shot, one shot and few shot
STM32F1与STM32CubeIDE编程实例-MAX7219驱动8位7段数码管(基于SPI)
![[data clustering] realize data clustering analysis based on multiverse optimization DBSCAN with matlab code](/img/83/0652e3138b87a4741dd8261a24d1e8.png)
[data clustering] realize data clustering analysis based on multiverse optimization DBSCAN with matlab code
SwiftUI 4 新功能之掌握 WeatherKit 和 Swift Charts
Half of the people don't know the difference between for and foreach???
【神经网络】卷积神经网络CNN【含Matlab源码 1932期】
![[full stack plan - programming language C] basic introductory knowledge](/img/6d/555ac6b80b015e0cdfb7ef0a234f9d.png)
[full stack plan - programming language C] basic introductory knowledge
Rationaldmis2022 advanced programming macro program
正在運行的Kubernetes集群想要調整Pod的網段地址
Mastering the new functions of swiftui 4 weatherkit and swift charts
随机推荐
【最短路】ACwing 1127. 香甜的黄油(堆优化的dijsktra或spfa)
Talk about SOC startup (VII) uboot startup process III
What are the top-level domain names? How is it classified?
请查收.NET MAUI 的最新学习资源
110. Network security penetration test - [privilege promotion 8] - [windows sqlserver xp_cmdshell stored procedure authorization]
Tsinghua Yaoban programmers, online marriage was scolded?
禁锢自己的因素,原来有这么多
Half of the people don't know the difference between for and foreach???
竟然有一半的人不知道 for 与 foreach 的区别???
通过环境变量将 Pod 信息呈现给容器
小红书微服务框架及治理等云原生业务架构演进案例
Talk about SOC startup (x) kernel startup pilot knowledge
Sonar:Cognitive Complexity认知复杂度
There are so many factors that imprison you
In SQL, I want to set foreign keys. Why is this problem
<No. 9> 1805. 字符串中不同整数的数目 (简单)
VIM command mode and input mode switching
Suggestions on one-stop development of testing life
sink 消费 到 MySQL, 数据库表里面已经设置了 自增主键, flink 里面,如何 操作?
Various uses of vim are very practical. I learned and summarized them in my work