Content Security Policy Draft Published
The Web Application Security Working Group has published the First Public Working Draft of Content Security Policy. This document defines Content Security Policy, a mechanism web applications can use to mitigate the broad class of content injection vulnerabilities, such as cross-site scripting (XSS). Content Security Policy is a declarative policy that lets the authors (or server administrators) of a web application restrict from where the application can load resources. Learn more about the Security Activity.