script-src

script-src

[1] Close #384: add CSP hooks to handle inline events and style · whatwg/html@920c918 ( 版) https://github.com/whatwg/html/commit/920c9183a7990968ecac1aeedae22391f3438791

[2] 'script-src' was a bit broken for workers. (mikewest著, ) https://github.com/w3c/webappsec-csp/commit/20b919303d3a333209dcefebee194a27214d0c16

[3] Adds "audioworklet" and "paintworklet" as destinations. by bfgeek · Pull Request #527 · whatwg/fetch () https://github.com/whatwg/fetch/pull/527

[4] Clarify navigation behavior for 'script-src'. (mikewest著, ) https://github.com/w3c/webappsec-csp/commit/7a4577c7975c8afdac0c0fc5a5493059b5660742

[5] Restrict <meta http-equiv=set-cookie> by annevk · Pull Request #3011 · whatwg/html () https://github.com/whatwg/html/pull/3011

[6] Added new directives for more granular script and style policies (#325) (andypaicu著, ) https://github.com/w3c/webappsec-csp/commit/3ff48504a825497488802db3b3d0e677bc88629a

[7] Added new directives for more granular script and style policies by andypaicu · Pull Request #325 · w3c/webappsec-csp () https://github.com/w3c/webappsec-csp/pull/325

[8] Specified worker-src in script-src description (#335) (andypaicu著, ) https://github.com/w3c/webappsec-csp/commit/881adb2528c58b1ed236e029e216fce2b362d62b

[9] script-src chapter should mention worker-src · Issue #234 · w3c/webappsec-csp () https://github.com/w3c/webappsec-csp/issues/234