mirror of
https://github.com/rails/rails.git
synced 2022-11-09 12:12:34 -05:00
W3C CSP document moved to gihub.io URL [ci skip]
The old link https://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-specification.dev.html is now being soft redirected to this new URL
This commit is contained in:
parent
8d1c703727
commit
3779c1d45e
1 changed files with 1 additions and 1 deletions
|
@ -1003,7 +1003,7 @@ _'1; mode=block' in Rails by default_ - use XSS Auditor and block page if XSS at
|
|||
* X-Content-Type-Options
|
||||
_'nosniff' in Rails by default_ - stops the browser from guessing the MIME type of a file.
|
||||
* X-Content-Security-Policy
|
||||
[A powerful mechanism for controlling which sites certain content types can be loaded from](http://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-specification.dev.html)
|
||||
[A powerful mechanism for controlling which sites certain content types can be loaded from](http://w3c.github.io/webappsec/specs/content-security-policy/csp-specification.dev.html)
|
||||
* Access-Control-Allow-Origin
|
||||
Used to control which sites are allowed to bypass same origin policies and send cross-origin requests.
|
||||
* Strict-Transport-Security
|
||||
|
|
Loading…
Reference in a new issue