Standards
Standards

Understand the various specifications, their maturity levels on the web standards track, and their adoption.
Explore web standards
Groups
Groups

A variety of groups develop Web Standards, guidelines, or supporting materials.
About W3C groups
Get involved
Get involved

W3C works at the nexus of core technology, industry needs, and societal needs.
Find ways to get involved
Resources
Resources

Master Web fundamentals, use our developer tools, or contribute code.
Learn from W3C resources
News and events
News and events

Recent content across news, blogs, press releases, media; upcoming events.
Follow news and events
About
About

Understand our values and principles, learn our history, look into our policies, meet our people.
Find out more about us
Search
My account

Entry Point Regulation Draft Published

Author(s) and publish date

Published:: 8 June 2015

The Web Application Security Working Group has published a Working Draft of Entry Point Regulation. Entry Point Regulation aims to mitigate the risk of reflected cross-site scripting (XSS), cross-site script inclusion (XSSI), and cross-site request forgery (CSRF) attacks by demarcating the areas of an application which are intended to be externally referencable. A specified policy is applied on external requests for all non-demarcated resources. Learn more about the Security Activity.

Related RSS feed

Subscribe to our news feed