| http://dbpedia.org/ontology/abstract
|
Content Security Policy (abrégé CSP) est u … Content Security Policy (abrégé CSP) est un mécanisme de sécurité standardisé permettant de restreindre l'origine du contenu (tel qu'un script Javascript, une feuille de style etc.) dans une page web à certains sites autorisés. Il permet notamment de mieux se prémunir contre des attaques d'injection de code comme les attaques par cross-site scripting (abrégé XSS) ou par détournement de clic. Ces attaques se reposant essentiellement sur l'exécution de code malveillant sur un site où l'utilisateur se sent en confiance. Sa troisième version est actuellement un Candidat de Recommandation pour le groupe de travail W3C sur le Web Application Security . CSP fournit une méthode standard pour que les propriétaires de sites web puissent déclarer les origines approuvées de contenu dont les navigateurs devraient être autorisés à charger sur ce site. Les types couverts sont des scripts JavaScript, des feuilles de style CSS, des (en), des (en), des polices d'écriture, des images, des objets incorporables comme des Applets Java, ActiveX, des fichiers audio ou vidéo, et d'autres fonctionnalités d'HTML5. La plupart des navigateurs modernes supportent ce mécanisme dans sa première version. Ceux ne supportant pas cette spécification ignorent simplement l'en-tête, cela est donc transparent pour le visiteur.ela est donc transparent pour le visiteur.
, 内容安全策略(英語:Content Security Policy,简称CSP)是一种计算机安全标准,旨在防御跨站脚本、点击劫持等代码注入攻击,阻止恶意内容在受信网页环境中执行。这一标准是W3C网络应用安全工作组的候选推荐标准,被现代网页浏览器广泛支持。
, Content Security Policy (CSP) is a compute … Content Security Policy (CSP) is a computer security standard introduced to prevent cross-site scripting (XSS), clickjacking and other code injection attacks resulting from execution of malicious content in the trusted web page context. It is a Candidate Recommendation of the W3C working group on Web Application Security, widely supported by modern web browsers. CSP provides a standard method for website owners to declare approved origins of content that browsers should be allowed to load on that website—covered types are JavaScript, CSS, HTML frames, web workers, fonts, images, embeddable objects such as Java applets, ActiveX, audio and video files, and other HTML5 features.and video files, and other HTML5 features.
, Content Security Policy (CSP) ist ein Sich … Content Security Policy (CSP) ist ein Sicherheitskonzept, um Cross-Site-Scripting und andere Angriffe durch Einschleusen von Daten in Webseiten zu verhindern. Es handelt sich um einen W3C-Empfehlungskandidaten zur Sicherheit von Webanwendungen. CSP wurde ursprünglich von der Mozilla Foundation entworfen und in Firefox 4.0 erstmals experimentell unterstützt.ox 4.0 erstmals experimentell unterstützt.
, 콘텐츠 보안 정책(Content Security Policy, CSP)은 신 … 콘텐츠 보안 정책(Content Security Policy, CSP)은 신뢰된 웹 페이지 콘텍스트에서 악의적인 콘텐츠를 실행하게 하는 사이트 간 스크립팅(XSS), 클릭재킹, 그리고 기타 코드 인젝션 공격을 예방하기 위해 도입된 컴퓨터 보안 표준이다. 웹 애플리케이션 보안의 W3C 워킹 그룹의 후보 권고안이며 현대의 웹 브라우저에 폭넓게 지원된다. CSP는 웹사이트 소유자들이 승인된 콘텐츠 오리진(origin)을 선언할 수 있게 하는 표준 방식을 제공하며, 이를 통해 해당 웹사이트들로부터 브라우저들이 자바스크립트, CSS, 프레임, , 글꼴, 이미지, 그리고 자바 애플릿, 액티브X, 오디오 및 비디오 파일, 그리고 기타 HTML5 기능들을 사용할 수 있게 허용이 가능해진다. 파일, 그리고 기타 HTML5 기능들을 사용할 수 있게 허용이 가능해진다.
|
| http://dbpedia.org/ontology/thumbnail
|
http://commons.wikimedia.org/wiki/Special:FilePath/ContentSecurityPolicy3_diagram.png?width=300 +
|
| http://dbpedia.org/ontology/wikiPageExternalLink
|
https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP +
, http://www.w3.org/TR/CSP/ +
, http://www.gnudeveloper.com/cyber_security/secure_coding_guidelines_for_content_security_policy.html +
|
| http://dbpedia.org/ontology/wikiPageID
|
34231217
|
| http://dbpedia.org/ontology/wikiPageLength
|
17810
|
| http://dbpedia.org/ontology/wikiPageRevisionID
|
1113876953
|
| http://dbpedia.org/ontology/wikiPageWikiLink
|
http://dbpedia.org/resource/WebKit +
, http://dbpedia.org/resource/Opera_%28web_browser%29 +
, http://dbpedia.org/resource/Cox_Communications +
, http://dbpedia.org/resource/Firefox +
, http://dbpedia.org/resource/API +
, http://dbpedia.org/resource/Web_worker +
, http://dbpedia.org/resource/Category:Web_applications +
, http://dbpedia.org/resource/Cascading_Style_Sheets +
, http://dbpedia.org/resource/Multitier_architecture +
, http://dbpedia.org/resource/Category:Hacking_%28computer_security%29 +
, http://dbpedia.org/resource/AngularJS +
, http://dbpedia.org/resource/Web_page +
, http://dbpedia.org/resource/HTTP +
, http://dbpedia.org/resource/Firefox_4 +
, http://dbpedia.org/resource/Google_Chrome +
, http://dbpedia.org/resource/Load_balancer +
, http://dbpedia.org/resource/Internet_Explorer_10 +
, http://dbpedia.org/resource/Code_injection +
, http://dbpedia.org/resource/Django_%28web_framework%29 +
, http://dbpedia.org/resource/Internet_Explorer_11 +
, http://dbpedia.org/resource/Ruby_on_Rails +
, http://dbpedia.org/resource/GitHub +
, http://dbpedia.org/resource/Web_server +
, http://dbpedia.org/resource/JavaScript +
, http://dbpedia.org/resource/Bookmarklet +
, http://dbpedia.org/resource/Gecko_%28layout_engine%29 +
, http://dbpedia.org/resource/Document_Object_Model +
, http://dbpedia.org/resource/Safari_%28web_browser%29 +
, http://dbpedia.org/resource/Microsoft_Edge +
, http://dbpedia.org/resource/Java_applet +
, http://dbpedia.org/resource/HTTPS +
, http://dbpedia.org/resource/Same-origin_policy +
, http://dbpedia.org/resource/Computer_security +
, http://dbpedia.org/resource/MDN_Web_Docs +
, http://dbpedia.org/resource/HTTP_Strict_Transport_Security +
, http://dbpedia.org/resource/Web_browser +
, http://dbpedia.org/resource/W3C +
, http://dbpedia.org/resource/Referer +
, http://dbpedia.org/resource/Category:Web_security_exploits +
, http://dbpedia.org/resource/Category:Hypertext_Transfer_Protocol_headers +
, http://dbpedia.org/resource/Clickjacking +
, http://dbpedia.org/resource/Category:Computer_security_standards +
, http://dbpedia.org/resource/HTML_frame +
, http://dbpedia.org/resource/Cross-site_scripting +
, http://dbpedia.org/resource/Trusted_Computing_Base +
, http://dbpedia.org/resource/File:ContentSecurityPolicy3_diagram.png +
, http://dbpedia.org/resource/Content_delivery_network +
, http://dbpedia.org/resource/HTTP_Switchboard +
, http://dbpedia.org/resource/NoScript +
, http://dbpedia.org/resource/Subresource_Integrity +
, http://dbpedia.org/resource/HTTP_Public_Key_Pinning +
, http://dbpedia.org/resource/Application_programming_interface +
, http://dbpedia.org/resource/HTML_META +
, http://dbpedia.org/resource/HTML5 +
, http://dbpedia.org/resource/Web_typography +
, http://dbpedia.org/resource/ActiveX +
, http://dbpedia.org/resource/JSON +
|
| http://dbpedia.org/property/group
|
lower-alpha
|
| http://dbpedia.org/property/wikiPageUsesTemplate
|
http://dbpedia.org/resource/Template:Short_description +
, http://dbpedia.org/resource/Template:As_of +
, http://dbpedia.org/resource/Template:Reflist +
, http://dbpedia.org/resource/Template:Citation_needed +
, http://dbpedia.org/resource/Template:Efn +
|
| http://purl.org/dc/terms/subject
|
http://dbpedia.org/resource/Category:Web_applications +
, http://dbpedia.org/resource/Category:Hacking_%28computer_security%29 +
, http://dbpedia.org/resource/Category:Computer_security_standards +
, http://dbpedia.org/resource/Category:Hypertext_Transfer_Protocol_headers +
, http://dbpedia.org/resource/Category:Web_security_exploits +
|
| http://purl.org/linguistics/gold/hypernym
|
http://dbpedia.org/resource/Computer +
|
| http://www.w3.org/ns/prov#wasDerivedFrom
|
http://en.wikipedia.org/wiki/Content_Security_Policy?oldid=1113876953&ns=0 +
|
| http://xmlns.com/foaf/0.1/depiction
|
http://commons.wikimedia.org/wiki/Special:FilePath/ContentSecurityPolicy3_diagram.png +
|
| http://xmlns.com/foaf/0.1/isPrimaryTopicOf
|
http://en.wikipedia.org/wiki/Content_Security_Policy +
|
| owl:sameAs |
http://www.wikidata.org/entity/Q1128636 +
, http://fr.dbpedia.org/resource/Content_Security_Policy +
, https://global.dbpedia.org/id/BT5Q +
, http://sr.dbpedia.org/resource/Polisa_bezbednosti_sadr%C5%BEaja +
, http://de.dbpedia.org/resource/Content_Security_Policy +
, http://yago-knowledge.org/resource/Content_Security_Policy +
, http://ko.dbpedia.org/resource/%EC%BD%98%ED%85%90%EC%B8%A0_%EB%B3%B4%EC%95%88_%EC%A0%95%EC%B1%85 +
, http://dbpedia.org/resource/Content_Security_Policy +
, http://rdf.freebase.com/ns/m.0hzn_0s +
, http://zh.dbpedia.org/resource/%E5%86%85%E5%AE%B9%E5%AE%89%E5%85%A8%E7%AD%96%E7%95%A5 +
|
| rdf:type |
http://dbpedia.org/class/yago/WikicatComputerSecurityStandards +
, http://dbpedia.org/class/yago/CodingSystem106353757 +
, http://dbpedia.org/class/yago/Application106570110 +
, http://dbpedia.org/class/yago/WikicatHypertextTransferProtocolHeaders +
, http://dbpedia.org/class/yago/Abstraction100002137 +
, http://dbpedia.org/class/yago/YagoPermanentlyLocatedEntity +
, http://dbpedia.org/class/yago/Heading106343971 +
, http://dbpedia.org/class/yago/Standard107260623 +
, http://dbpedia.org/class/yago/SystemOfMeasurement113577171 +
, http://dbpedia.org/class/yago/WikicatComputerSecurityExploits +
, http://dbpedia.org/class/yago/Event100029378 +
, http://dbpedia.org/class/yago/Text106387980 +
, http://dbpedia.org/class/yago/Line107012534 +
, http://dbpedia.org/class/yago/Communication100033020 +
, http://dbpedia.org/class/yago/Writing106359877 +
, http://dbpedia.org/class/yago/Accomplishment100035189 +
, http://dbpedia.org/class/yago/Matter106365467 +
, http://dbpedia.org/class/yago/Program106568978 +
, http://dbpedia.org/class/yago/Act100030358 +
, http://dbpedia.org/ontology/InformationAppliance +
, http://dbpedia.org/class/yago/Software106566077 +
, http://dbpedia.org/class/yago/Action100037396 +
, http://dbpedia.org/class/yago/WikicatWebSecurityExploits +
, http://dbpedia.org/class/yago/PsychologicalFeature100023100 +
, http://dbpedia.org/class/yago/Feat100036762 +
, http://dbpedia.org/class/yago/Code106355894 +
, http://dbpedia.org/class/yago/WrittenCommunication106349220 +
, http://dbpedia.org/class/yago/Measure100033615 +
, http://dbpedia.org/class/yago/Writing106362953 +
, http://dbpedia.org/class/yago/WikicatWebApplications +
|
| rdfs:comment |
Content Security Policy (abrégé CSP) est u … Content Security Policy (abrégé CSP) est un mécanisme de sécurité standardisé permettant de restreindre l'origine du contenu (tel qu'un script Javascript, une feuille de style etc.) dans une page web à certains sites autorisés. Il permet notamment de mieux se prémunir contre des attaques d'injection de code comme les attaques par cross-site scripting (abrégé XSS) ou par détournement de clic. Ces attaques se reposant essentiellement sur l'exécution de code malveillant sur un site où l'utilisateur se sent en confiance. Sa troisième version est actuellement un Candidat de Recommandation pour le groupe de travail W3C sur le Web Application Security .vail W3C sur le Web Application Security .
, 内容安全策略(英語:Content Security Policy,简称CSP)是一种计算机安全标准,旨在防御跨站脚本、点击劫持等代码注入攻击,阻止恶意内容在受信网页环境中执行。这一标准是W3C网络应用安全工作组的候选推荐标准,被现代网页浏览器广泛支持。
, Content Security Policy (CSP) is a compute … Content Security Policy (CSP) is a computer security standard introduced to prevent cross-site scripting (XSS), clickjacking and other code injection attacks resulting from execution of malicious content in the trusted web page context. It is a Candidate Recommendation of the W3C working group on Web Application Security, widely supported by modern web browsers. CSP provides a standard method for website owners to declare approved origins of content that browsers should be allowed to load on that website—covered types are JavaScript, CSS, HTML frames, web workers, fonts, images, embeddable objects such as Java applets, ActiveX, audio and video files, and other HTML5 features.and video files, and other HTML5 features.
, Content Security Policy (CSP) ist ein Sich … Content Security Policy (CSP) ist ein Sicherheitskonzept, um Cross-Site-Scripting und andere Angriffe durch Einschleusen von Daten in Webseiten zu verhindern. Es handelt sich um einen W3C-Empfehlungskandidaten zur Sicherheit von Webanwendungen. CSP wurde ursprünglich von der Mozilla Foundation entworfen und in Firefox 4.0 erstmals experimentell unterstützt.ox 4.0 erstmals experimentell unterstützt.
, 콘텐츠 보안 정책(Content Security Policy, CSP)은 신 … 콘텐츠 보안 정책(Content Security Policy, CSP)은 신뢰된 웹 페이지 콘텍스트에서 악의적인 콘텐츠를 실행하게 하는 사이트 간 스크립팅(XSS), 클릭재킹, 그리고 기타 코드 인젝션 공격을 예방하기 위해 도입된 컴퓨터 보안 표준이다. 웹 애플리케이션 보안의 W3C 워킹 그룹의 후보 권고안이며 현대의 웹 브라우저에 폭넓게 지원된다. CSP는 웹사이트 소유자들이 승인된 콘텐츠 오리진(origin)을 선언할 수 있게 하는 표준 방식을 제공하며, 이를 통해 해당 웹사이트들로부터 브라우저들이 자바스크립트, CSS, 프레임, , 글꼴, 이미지, 그리고 자바 애플릿, 액티브X, 오디오 및 비디오 파일, 그리고 기타 HTML5 기능들을 사용할 수 있게 허용이 가능해진다. 파일, 그리고 기타 HTML5 기능들을 사용할 수 있게 허용이 가능해진다.
|
| rdfs:label |
Content Security Policy
, 内容安全策略
, 콘텐츠 보안 정책
|
