{"json_modified": "2016-03-28T07:40:41.126958", "uuid": "f34ff2d7-709a-457a-96b2-7c78a95a527f", "title": "Using Content Security Policy", "url": "/en-US/docs/Web/Security/CSP/Using_Content_Security_Policy", "tags": ["Security", "Content Security Policy"], "translations": [{"uuid": "fa041da0-7c05-4869-b18a-92cf024377b1", "title": "Content Security Policy \u306e\u5229\u7528\u65b9\u6cd5", "url": "/ja/docs/Web/Security/CSP/Using_Content_Security_Policy", "tags": ["Security", "Content Security Policy"], "summary": "Content Security Policy \u306e\u8a2d\u5b9a\u3068\u306f\u3001Web \u30da\u30fc\u30b8\u306b\u5bfe\u3059\u308b Content-Security-Policy
HTTP \u30d8\u30c3\u30c0\u306e\u4ed8\u52a0\u3001\u307e\u305f\u305d\u306e\u30da\u30fc\u30b8\u4e0a\u3067\u30e6\u30fc\u30b6\u30a8\u30fc\u30b8\u30a7\u30f3\u30c8\u304c\u8aad\u307f\u8fbc\u3080\u30ea\u30bd\u30fc\u30b9\u3092\u5236\u9650\u3059\u308b\u5024\u306e\u8a2d\u5b9a\u306b\u4ed6\u306a\u308a\u307e\u305b\u3093\u3002\u4f8b\u3067\u8aac\u660e\u3059\u308b\u3068\u3001\u753b\u50cf\u3092\u30a2\u30c3\u30d7\u30ed\u30fc\u30c9\u3057\u3066\u8868\u793a\u3059\u308b\u30da\u30fc\u30b8\u306a\u3089\u3070\u3001\u753b\u50cf\u306b\u3064\u3044\u3066\u306f\u4efb\u610f\u306e\u5834\u6240\u3092\u8a31\u53ef\u3059\u308b\u3053\u3068\u306b\u306a\u308a\u307e\u3059\u304c\u3001\u30d5\u30a9\u30fc\u30e0\u306e\u9001\u4fe1\u5143\u306f\u5236\u9650\u3059\u308b\u5fc5\u8981\u304c\u3042\u308b\u3067\u3057\u3087\u3046\u3002Content Security Policy \u3092\u9069\u5207\u306b\u8a2d\u5b9a\u3059\u308c\u3070\u3001\u30af\u30ed\u30b9\u30b5\u30a4\u30c8\u30b9\u30af\u30ea\u30d7\u30c6\u30a3\u30f3\u30b0\u653b\u6483\u306b\u5bfe\u3059\u308b\u30b5\u30a4\u30c8\u306e\u8010\u6027\u304c\u5411\u4e0a\u3055\u305b\u308b\u3053\u3068\u304c\u53ef\u80fd\u3067\u3059\u3002\u3053\u306e\u8a18\u4e8b\u3067\u306f\u3001\u9069\u5207\u306a\u30d8\u30c3\u30c0\u306e\u8a2d\u5b9a\u65b9\u6cd5\u3092\u4f8b\u3068\u3068\u3082\u306b\u8aac\u660e\u3057\u307e\u3059\u3002", "localization_tags": [], "locale": "ja", "last_edit": "2016-02-13T01:58:36", "review_tags": []}, {"uuid": "a5833d69-cfcd-4dac-b7f7-70231255f4a3", "title": "Using Content Security Policy", "url": "/ko/docs/Security/CSP/Using_Content_Security_Policy", "tags": [], "summary": "Content Security Policy\uc744 \uc124\uc815\ud558\ub294 \uac83\uc740 \uc5b4\ub5a4 \uc815\ucc45\uc744 \uc2e4\ud589\ud558\uac8c \ud560 \uac83\uc778\uc9c0\ub97c \uacb0\uc815\ud558\ub294 \uac83\uc744 \ud3ec\ud568\ud558\uace0 \uc774\ub7f0 \uc815\ucc45 \uc2e4\ud589 \ubd80\ubd84\uc744\u00a0Content-Security-Policy \ud5e4\ub354\ub97c \uc0ac\uc6a9\ud574\uc11c \uc815\ucc45\uc744 \uc2e4\ud589\ud558\uac8c \uc124\uc815\ud558\ub294 \uac83\uc785\ub2c8\ub2e4.", "localization_tags": [], "locale": "ko", "last_edit": "2013-07-12T04:20:01", "review_tags": []}, {"uuid": "958ddcfd-448e-4fe3-9643-a01e28f72280", "title": "\u4f7f\u7528\u5185\u5bb9\u5b89\u5168\u7b56\u7565", "url": "/zh-CN/docs/Web/Security/CSP/Using_Content_Security_Policy", "tags": ["\u5b89\u5168", "\u5185\u5bb9\u5b89\u5168\u7b56\u7565"], "summary": "Configuring Content Security Policy involves\u00a0adding the Content-Security-Policy
HTTP header to a web page and giving it values to control resources the user agent is allowed to load for that page. For example, a page that uploads and displays images could allow images from anywhere, but restrict a form action to a specific endpoint. A properly designed Content Security Policy helps protect a page against a cross site scripting attack. This article explain how to construct such headers properly, and provides examples.", "localization_tags": [], "locale": "zh-CN", "last_edit": "2015-04-24T20:22:52", "review_tags": []}], "modified": "2015-04-23T02:51:11", "label": "Using Content Security Policy", "localization_tags": [], "locale": "en-US", "id": 281, "last_edit": "2015-04-23T02:51:09", "summary": "Configuring Content Security Policy involves\u00a0adding the Content-Security-Policy
HTTP header to a web page and giving it values to control resources the user agent is allowed to load for that page. For example, a page that uploads and displays images could allow images from anywhere, but restrict a form action to a specific endpoint. A properly designed Content Security Policy helps protect a page against a cross site scripting attack. This article explain how to construct such headers properly, and provides examples.", "sections": [{"id": "Specifying_your_policy", "title": "Specifying your policy"}, {"id": "Writing_a_policy", "title": "Writing a policy"}, {"id": "Examples_Common_use_cases", "title": "Examples:\u00a0Common use cases"}, {"id": "Example_1", "title": "Example 1"}, {"id": "Example_2", "title": "Example 2"}, {"id": "Example_3", "title": "Example 3"}, {"id": "Example_4", "title": "Example 4"}, {"id": "Example_5", "title": "Example 5"}, {"id": "Testing_your_policy", "title": "Testing your policy"}, {"id": "See_also", "title": "See also"}], "slug": "Web/Security/CSP/Using_Content_Security_Policy", "review_tags": []}