Closed astoeckel closed 3 years ago
Disable inline JavaScript and CSS. Disallow loading resources from anything other than the same origin (CSP); disallow embedding content from the application in other websites (CORS)
CORS: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS CSP: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
Depends on #9 , #10
Disable inline JavaScript and CSS. Disallow loading resources from anything other than the same origin (CSP); disallow embedding content from the application in other websites (CORS)
CORS:
https://developer.mozilla.org/en-US/docs/Web/HTTP/CORSCSP:https://developer.mozilla.org/en-US/docs/Web/HTTP/CSPDepends on #9 , #10