Content Security Policy,内容安全策略
CSP 用于检测和缓解某些类型的网站攻击,比如跨站点脚本、点击劫持和数据注入。是基于 HTTP 的 Content-Security-Policy header 实现的。
Content-Security-Policy
https://en.wikipedia.org/wiki/Content_Security_Policyarrow-up-right
https://developer.mozilla.org/en-US/docs/Web/HTTP/CSParrow-up-right
https://developer.mozilla.org/en-US/docs/Glossary/Cross-site_scriptingarrow-up-right
https://developer.mozilla.org/en-US/docs/Glossary/Clickjackingarrow-up-right
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policyarrow-up-right
Last updated 3 years ago