Create an Account
username: password:
 
  MemeStreams Logo

MemeStreams Discussion

search


This page contains all of the posts and discussion on MemeStreams referencing the following web page: Content Security Policy Details. You can find discussions on MemeStreams as you surf the web, even if you aren't a MemeStreams member, using the Threads Bookmarklet.

Content Security Policy Details
by Acidus at 11:01 pm EDT, Jun 29, 2009

The main goal of Content Security Policy is to prevent malicious code from being injected into a website and executed within the context of that site.

This could be huge. At the fullest implementation the only JavaScript that will be allowed to execute is external JavaScript files that are specifically white listed by the server. Good bye attribute injection, javascript URIs, and plain SCRIPT tags. No dynamic code execution either! no eval(), no setTimeout() or setInterval() with a string of code. Goodbye obfuscated JavaScript problem. Thanks to native JSON parsing functions, we don't need you anymore.

Some excellent innovation coming out of these Browser wars...


 
 
Powered By Industrial Memetics