{"json_modified": "2015-04-24T20:23:02.451650", "slug": "Web/Security/CSP/Using_Content_Security_Policy", "tags": ["\u5b89\u5168", "\u5185\u5bb9\u5b89\u5168\u7b56\u7565"], "locale": "zh-CN", "title": "\u4f7f\u7528\u5185\u5bb9\u5b89\u5168\u7b56\u7565", "translations": [{"title": "Using Content Security Policy", "url": "/en-US/docs/Web/Security/CSP/Using_Content_Security_Policy", "tags": ["Security", "Content Security Policy"], "summary": "Configuring Content Security Policy involves\u00a0adding the <code>Content-Security-Policy</code> HTTP header to a web page and giving it values to control resources the user agent is allowed to load for that page. For example, a page that uploads and displays images could allow images from anywhere, but restrict a form action to a specific endpoint. A properly designed Content Security Policy helps protect a page against a cross site scripting attack. This article explain how to construct such headers properly, and provides examples.", "localization_tags": [], "locale": "en-US", "last_edit": "2015-04-23T02:51:09", "review_tags": []}, {"title": "Using Content Security Policy", "url": "/ja/docs/Security/CSP/Using_Content_Security_Policy", "tags": ["Security", "Content Security Policy"], "summary": "Content Security Policy \u3092\u8a2d\u5b9a\u3059\u308b\u3053\u3068\u306f\u3001\u5b9f\u65bd\u3057\u305f\u3044\u30dd\u30ea\u30b7\u30fc\u3092\u6c7a\u5b9a\u3059\u308b\u3053\u3068\u306b\u306a\u308a\u307e\u3059\u3002\u30dd\u30ea\u30b7\u30fc\u3092\u6c7a\u5b9a\u3057\u305f\u3089\u3001\u3053\u308c\u3089\u3092\u8a2d\u5b9a\u3057\u3001\u3042\u306a\u305f\u306e\u30dd\u30ea\u30b7\u30fc\u3092\u78ba\u7acb\u3059\u308b\u305f\u3081\u306b <code>Content-Security-Policy</code> \u3092\u4f7f\u7528\u3057\u307e\u3059\u3002", "localization_tags": [], "locale": "ja", "last_edit": "2013-07-24T07:26:49", "review_tags": []}, {"title": "Using Content Security Policy", "url": "/ko/docs/Security/CSP/Using_Content_Security_Policy", "tags": [], "summary": "Content Security Policy\uc744 \uc124\uc815\ud558\ub294 \uac83\uc740 \uc5b4\ub5a4 \uc815\ucc45\uc744 \uc2e4\ud589\ud558\uac8c \ud560 \uac83\uc778\uc9c0\ub97c \uacb0\uc815\ud558\ub294 \uac83\uc744 \ud3ec\ud568\ud558\uace0 \uc774\ub7f0 \uc815\ucc45 \uc2e4\ud589 \ubd80\ubd84\uc744\u00a0<span style=\"font-family: 'Courier New', 'Andale Mono', monospace; line-height: inherit;\">Content-Security-Policy \ud5e4\ub354\ub97c \uc0ac\uc6a9\ud574\uc11c \uc815\ucc45\uc744 \uc2e4\ud589\ud558\uac8c \uc124\uc815\ud558\ub294 \uac83\uc785\ub2c8\ub2e4.</span>", "localization_tags": [], "locale": "ko", "last_edit": "2013-07-12T04:20:01", "review_tags": []}], "modified": "2015-04-24T20:23:01", "label": "\u4f7f\u7528\u5185\u5bb9\u5b89\u5168\u7b56\u7565", "localization_tags": [], "url": "/zh-CN/docs/Web/Security/CSP/Using_Content_Security_Policy", "last_edit": "2015-04-24T20:22:52", "summary": "Configuring Content Security Policy involves\u00a0adding the <code>Content-Security-Policy</code> HTTP header to a web page and giving it values to control resources the user agent is allowed to load for that page. For example, a page that uploads and displays images could allow images from anywhere, but restrict a form action to a specific endpoint. A properly designed Content Security Policy helps protect a page against a cross site scripting attack. This article explain how to construct such headers properly, and provides examples.", "sections": [{"id": "Specifying_your_policy", "title": "Specifying your policy"}, {"id": "Writing_a_policy", "title": "Writing a policy"}, {"id": "Examples.3A_Common_use_cases", "title": "Examples:\u00a0Common use cases"}, {"id": "Example_1", "title": "Example 1"}, {"id": "Example_2", "title": "Example 2"}, {"id": "Example_3", "title": "Example 3"}, {"id": "Example_4", "title": "Example 4"}, {"id": "Example_5", "title": "Example 5"}, {"id": "Testing_your_policy", "title": "Testing your policy"}, {"id": "See_also", "title": "See also"}], "id": 147945, "review_tags": []}