wiki:Notes on Content Security Policies

Version 2 (modified by abarth@webkit.org, 10 years ago) (diff)

--

Notes on Content Security Policies

  • script-src should only restrict the final URL, not all the URLs in the redirect chain.