Changes for page Allgemein

From version 4.12
edited by awa
on 03.01.2023, 15:26
Change comment: There is no comment for this version
To version 4.14
edited by gru
on 16.01.2023, 14:13
Change comment: There is no comment for this version

Summary

Details

Page properties
Author
... ... @@ -1,1 +1,1 @@
1 -XWiki.awa
1 +XWiki.gru
Content
... ... @@ -54,12 +54,10 @@
54 54  You can add additional policies to the Content-Security-Policy header.
55 55  {{/figure}}
56 56  
57 -{{version major="7" minor="2"/}}
57 +{{version major="7" minor="2" patch="1"/}} Lets you add additional policies to the Content-Security-Policy header. Different values can be stored for backend (administration interface, designer, inbox) and for frontend (web forms).
58 58  
59 -Ermöglicht es, weitere Werte zum Content-Security-Policy-Header hinzuzufügen. Für Backend (Verwaltungsoberfche, Designer, Postfach) und r Frontend (Webformulare) können verschiedene Werte hinterlegt werden.
59 +Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross-Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft, to site defacement, to malware distribution. A primary goal of CSP is to mitigate and report XSS attacks. CSP makes it possible for server administrators to reduce or eliminate the vectors by which XSS can occur by specifying the domains that the browser should consider to be valid sources of executable scripts.
60 60  
61 -Lets you add additional policies to the Content-Security-Policy header. Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross-Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft, to site defacement, to malware distribution. A primary goal of CSP is to mitigate and report XSS attacks. CSP makes it possible for server administrators to reduce or eliminate the vectors by which XSS can occur by specifying the domains that the browser should consider to be valid sources of executable scripts.
62 -
63 63  For a list of available policies, see e.g. this [[Mozilla page>>url:https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy||_target="blank"]].
64 64  
65 65  == Protocol ==