239-919-3646 Webmaster Naples FL

The Web Application Security Working Group has published 3 Notes:

  • Content Security Policy: Cookie Controls: This Note provides a historical reference for a proposed set of mechanisms by which web developers can limit the ways in which cookies may be set in the context of their sites and applications.
  • Content Security Policy: Pinning: This Note provides a historical reference for a proposed mechanism to allow authors to instruct user agents to remember (“pin”) and enforce a Content Security Policy for a set of hosts for a period of time.
  • Entry Point Regulation: This Note provides a historical reference for a proposed mechansim to mitigate the risk of reflected cross-site scripting (XSS), cross-site script inclusion (XSSI), and cross-site request forgery (CSRF) attacks by demarcating the areas of an application which are intended to be externally referencable. A specified policy is applied on external requests for all non-demarcated resources.


Publication – W3C News