senooken JP Social
senooken JP Social is senooken's dedicated distributed social network.
Conversation

Notices

  1. 森建 (moriken@social.kimamass.com)'s status on Friday, 08-Feb-2019 01:12:32 JST

    So both Feature Policy and Content Security Policy can be split across multiple HTTP headers, or written comma-separated in accordance with RFC 7230. I didn't know that.

    https://w3c.github.io/webappsec-feature-policy/#process-response-policy
    https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy#Multiple_content_security_policies

    In conversation Friday, 08-Feb-2019 01:12:32 JST from social.kimamass.com permalink

    Attachments

    1. Content-Security-Policy
      from MDN Web Docs
      The HTTP Content-Security-Policy response header allows web site administrators to control resources the user agent is allowed to load for a given page. With a few exceptions, policies mostly involve specifying server origins and script endpoints. This helps guard against cross-site scripting attacks (XSS).
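
Added example (not part of the original post or of the MDN text): a simplified Python model of how a user agent reads the policies mentioned in the post above, whether they arrive as repeated header lines or as one comma-joined value. The sample header values, the host `cdn.example`, and the exact-match source check are assumptions made for illustration.

```python
# Added example: Content-Security-Policy sent as several header lines
# versus one comma-joined line. Source matching is simplified to exact
# string comparison; real user agents implement full source-expression matching.

def combine_field_values(headers, name="content-security-policy"):
    """RFC 7230 section 3.2.2: repeated fields combine, in order, with commas."""
    return ", ".join(v for (k, v) in headers if k.lower() == name)

def parse_policy(serialized):
    """Split one policy on ';' into {directive-name: [values]}."""
    directives = {}
    for token in serialized.split(";"):
        parts = token.split()
        if not parts:
            continue
        # A duplicate directive name inside one policy is ignored.
        directives.setdefault(parts[0].lower(), parts[1:])
    return directives

def parse_policy_list(field_value):
    """Split on ','; every non-empty element is an independent policy."""
    return [p for p in map(parse_policy, field_value.split(",")) if p]

def allows_script(policies, source):
    """Each policy is enforced separately, so all of them must allow the source."""
    for policy in policies:
        allowed = policy.get("script-src", policy.get("default-src"))
        if allowed is not None and source not in allowed:
            return False
    return True

# Constructed sample responses (not taken from any real site).
SPLIT = [
    ("Content-Security-Policy",
     "default-src 'self'; script-src 'self' https://cdn.example"),
    ("Content-Security-Policy", "script-src 'self'"),
]
JOINED = [
    ("Content-Security-Policy",
     "default-src 'self'; script-src 'self' https://cdn.example, script-src 'self'"),
]

if __name__ == "__main__":
    for label, response in (("split", SPLIT), ("joined", JOINED)):
        policies = parse_policy_list(combine_field_values(response))
        print(label, len(policies), allows_script(policies, "https://cdn.example"))
```

Both forms yield the same two policies, and the second policy removes what the first one allowed: an extra policy can only narrow what the page may load.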


    senooken JP Social is a social network, courtesy of senooken. It runs on GNU social, version 2.0.2-beta0, available under the GNU Affero General Public License.

    All senooken JP Social content and data are available under the Creative Commons Attribution 3.0 license.