About: Content Security Policy

Facets (new session)
Description
Metadata
Settings
- Rule:
- Inverse Functional Properties:
- "Same As":

About: Content Security Policy Goto Sponge NotDistinct Permalink

An Entity of Type : yago:Text106387980, within Data Space : dbpedia.org associated with source document(s)

Type:

http://dbpedia.org/describe/?url=http%3A%2F%2Fdbpedia.org%2Fresource%2FContent_Security_Policy

Content Security Policy (CSP) is a computer security standard introduced to prevent cross-site scripting (XSS), clickjacking and other code injection attacks resulting from execution of malicious content in the trusted web page context. It is a Candidate Recommendation of the W3C working group on Web Application Security, widely supported by modern web browsers. CSP provides a standard method for website owners to declare approved origins of content that browsers should be allowed to load on that website—covered types are JavaScript, CSS, HTML frames, web workers, fonts, images, embeddable objects such as Java applets, ActiveX, audio and video files, and other HTML5 features.

Attributes	Values
rdf:type	yago:WikicatComputerSecurityExploits yago:WikicatComputerSecurityStandards yago:WikicatWebApplications yago:WikicatWebSecurityExploits yago:Abstraction100002137 yago:Accomplishment100035189 yago:Act100030358 yago:Action100037396 yago:Application106570110 yago:Code106355894 yago:CodingSystem106353757 yago:Communication100033020 yago:Event100029378 yago:Feat100036762 yago:Heading106343971 yago:Line107012534 yago:Matter106365467 yago:Measure100033615 yago:Program106568978 yago:PsychologicalFeature100023100 yago:WikicatHypertextTransferProtocolHeaders yago:Writing106359877 yago:Writing106362953 yago:WrittenCommunication106349220 yago:YagoPermanentlyLocatedEntity information appliance yago:Software106566077 yago:Standard107260623 yago:SystemOfMeasurement113577171 yago:Text106387980
rdfs:label	Content Security Policy (de) Content Security Policy (en) Content Security Policy (fr) 콘텐츠 보안 정책 (ko) 内容安全策略 (zh)
rdfs:comment	Content Security Policy (CSP) ist ein Sicherheitskonzept, um Cross-Site-Scripting und andere Angriffe durch Einschleusen von Daten in Webseiten zu verhindern. Es handelt sich um einen W3C-Empfehlungskandidaten zur Sicherheit von Webanwendungen. CSP wurde ursprünglich von der Mozilla Foundation entworfen und in Firefox 4.0 erstmals experimentell unterstützt. (de) Content Security Policy (CSP) is a computer security standard introduced to prevent cross-site scripting (XSS), clickjacking and other code injection attacks resulting from execution of malicious content in the trusted web page context. It is a Candidate Recommendation of the W3C working group on Web Application Security, widely supported by modern web browsers. CSP provides a standard method for website owners to declare approved origins of content that browsers should be allowed to load on that website—covered types are JavaScript, CSS, HTML frames, web workers, fonts, images, embeddable objects such as Java applets, ActiveX, audio and video files, and other HTML5 features. (en) 콘텐츠 보안 정책(Content Security Policy, CSP)은 신뢰된 웹 페이지 콘텍스트에서 악의적인 콘텐츠를 실행하게 하는 사이트 간 스크립팅(XSS), 클릭재킹, 그리고 기타 코드 인젝션 공격을 예방하기 위해 도입된 컴퓨터 보안 표준이다. 웹 애플리케이션 보안의 W3C 워킹 그룹의 후보 권고안이며 현대의 웹 브라우저에 폭넓게 지원된다. CSP는 웹사이트 소유자들이 승인된 콘텐츠 오리진(origin)을 선언할 수 있게 하는 표준 방식을 제공하며, 이를 통해 해당 웹사이트들로부터 브라우저들이 자바스크립트, CSS, 프레임, , 글꼴, 이미지, 그리고 자바 애플릿, 액티브X, 오디오 및 비디오 파일, 그리고 기타 HTML5 기능들을 사용할 수 있게 허용이 가능해진다. (ko) 内容安全策略（英語：Content Security Policy，简称CSP）是一种计算机安全标准，旨在防御跨站脚本、点击劫持等代码注入攻击，阻止恶意内容在受信网页环境中执行。这一标准是W3C网络应用安全工作组的候选推荐标准，被现代网页浏览器广泛支持。 (zh) Content Security Policy (abrégé CSP) est un mécanisme de sécurité standardisé permettant de restreindre l'origine du contenu (tel qu'un script Javascript, une feuille de style etc.) dans une page web à certains sites autorisés. Il permet notamment de mieux se prémunir contre des attaques d'injection de code comme les attaques par cross-site scripting (abrégé XSS) ou par détournement de clic. Ces attaques se reposant essentiellement sur l'exécution de code malveillant sur un site où l'utilisateur se sent en confiance. Sa troisième version est actuellement un Candidat de Recommandation pour le groupe de travail W3C sur le Web Application Security . (fr)
foaf:depiction
dcterms:subject	Web applications Hacking (computer security) Hypertext Transfer Protocol headers Computer security standards Web security exploits
Wikipage page ID	34231217 (xsd:integer)
Wikipage revision ID	1113876953 (xsd:integer)
Link from a Wikipage to another Wikipage	Cascading Style Sheets Ruby on Rails Web typography Web applications Computer security Cox Communications Safari (web browser) Same-origin policy Gecko (layout engine) GitHub Google Chrome Content delivery network Cross-site scripting Referer Hacking (computer security) AngularJS Application programming interface MDN Web Docs Clickjacking Web page W3C WebKit Web browser Web server Web worker HTTPS HTTP Public Key Pinning HTTP Strict Transport Security HTTP Switchboard ActiveX Firefox Firefox 4 NoScript Hypertext Transfer Protocol headers HTML5 Audio HTTP Internet Explorer 10 Internet Explorer 11 JSON JavaScript Computer security standards Web security exploits Application programming interface Code injection Java applet Multitier architecture Django (web framework) Document Object Model Bookmarklet HTML META HTML frame Microsoft Edge

Faceted Search & Find service v1.17_git139 as of Feb 29 2024

Alternative Linked Data Documents: ODE Content Formats:

RDF

ODATA

Microdata

About

OpenLink Virtuoso version 08.03.3330 as of Mar 19 2024, on Linux (x86_64-generic-linux-glibc212), Single-Server Edition (61 GB total memory, 49 GB memory in use)
Data on this page belongs to its respective rights holders.
Virtuoso Faceted Browser Copyright © 2009-2024 OpenLink Software