Version vom 13. April 2023, 10:47 Uhr

Bereiche

Content Security Policy

upgrade-insecure-requests

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/upgrade-insecure-requests

Syntax

upgrade-insecure-requests;

frame-ancestors

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors

Syntax

frame-ancestors 'self';

form-action

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/form-action

Syntax

form-action 'self';

ToDo

frame-ancestors 'self'; form-action 'self'; base-uri 'self'; connect-src 'self' data: maps.googleapis.com; default-src 'self'; font-src 'self' data: googletagmanager.com; img-src 'self' blob: data:; manifest-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' 'unsafe-inline' 'report-sample'; worker-src 'self';“

Strict-Transport-Security

X-Content-Type-Options

X-Frame-Options

Referrer-Policy

Permissions-Policy

https://developer.mozilla.org/en-US/docs/Web/HTTP/Permissions_Policy

@@ Zeile 24: / Zeile 24: @@
 </pre>
+=== form-action ===
+* https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/form-action
+Syntax
+<pre>
+form-action 'self';
+</pre>
 === ToDo ===

Content Security Headers: Unterschied zwischen den Versionen

Version vom 13. April 2023, 10:47 Uhr

Inhaltsverzeichnis

Bereiche

Content Security Policy

upgrade-insecure-requests

frame-ancestors

form-action

ToDo

Strict-Transport-Security

X-Content-Type-Options

X-Frame-Options

Referrer-Policy

Permissions-Policy

Navigationsmenü

Suche