当前位置:网站首页>About web content security policy directive some test cases specified through meta elements
About web content security policy directive some test cases specified through meta elements
2022-07-07 12:23:00 【InfoQ】
frame-src
test 1:3000 application ( Namely embedding 3002 Applied web In the application ) increase frame-src
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="frame-src 'self'">
</head>
<h1>Parent</h1>
<iframe src="http://localhost:3002/csp"></iframe>
</html>
test 2
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="frame-src 'http://localhost:3002'">
</head>
<h1>Parent</h1>
<iframe src="http://localhost:3002/csp"></iframe>
</html>
*
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="frame-src http://localhost:3002/csp">
</head>
<h1>Parent</h1>
<iframe src="http://localhost:3002/csp"></iframe>
</html>
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="frame-src http://localhost:*/csp">
</head>
<h1>Parent</h1>
<iframe src="http://localhost:3002/csp"></iframe>
</html>
边栏推荐
- 让数字管理好库存
- 18 basic introduction to divider separator component of fleet tutorial (tutorial includes source code)
- PowerShell cs-utf-16le code goes online
- Flet教程之 17 Card卡片组件 基础入门(教程含源码)
- 盘点JS判断空对象的几大方法
- 108. Network security penetration test - [privilege escalation 6] - [windows kernel overflow privilege escalation]
- 即刻报名|飞桨黑客马拉松第三期盛夏登场,等你挑战
- 全球首堆“玲龙一号”反应堆厂房钢制安全壳上部筒体吊装成功
- MATLAB實現Huffman編碼譯碼含GUI界面
- When sink is consumed in mysql, the self incrementing primary key has been set in the database table. How to operate in Flink?
猜你喜欢
The road to success in R & D efficiency of 1000 person Internet companies
Common locking table processing methods in Oracle
idea 2021中文乱码
Simple network configuration for equipment management
Unity 贴图自动匹配材质工具 贴图自动添加到材质球工具 材质球匹配贴图工具 Substance Painter制作的贴图自动匹配材质球工具
Zero shot, one shot and few shot
PowerShell cs-utf-16le code goes online
Introduction and application of smoothstep in unity: optimization of dissolution effect
超标量处理器设计 姚永斌 第9章 指令执行 摘录
wallys/Qualcomm IPQ8072A networking SBC supports dual 10GbE, WiFi 6
随机推荐
全球首堆“玲龙一号”反应堆厂房钢制安全壳上部筒体吊装成功
UP Meta—Web3.0世界创新型元宇宙金融协议
Processing strategy of message queue message loss and repeated message sending
NPC Jincang was invited to participate in the "aerospace 706" I have an appointment with aerospace computer "national Partner Conference
112. Network security penetration test - [privilege promotion article 10] - [Windows 2003 lpk.ddl hijacking rights lifting & MSF local rights lifting]
Sonar:cognitive complexity
How to connect 5V serial port to 3.3V MCU serial port?
Camera calibration (1): basic principles of monocular camera calibration and Zhang Zhengyou calibration
超标量处理器设计 姚永斌 第10章 指令提交 摘录
The function of adding @ before the path in C #
免备案服务器会影响网站排名和权重吗?
Upgrade from a tool to a solution, and the new site with praise points to new value
盘点JS判断空对象的几大方法
H3C HCl MPLS layer 2 dedicated line experiment
从工具升级为解决方案,有赞的新站位指向新价值
2022年在启牛开华泰的账户安全吗?
Fleet tutorial 15 introduction to GridView Basics (tutorial includes source code)
Apache installation problem: configure: error: APR not found Please read the documentation
Flet教程之 15 GridView 基础入门(教程含源码)
111. Network security penetration test - [privilege escalation 9] - [windows 2008 R2 kernel overflow privilege escalation]