Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

馃洡 Web Content Security Policy #3

Open
binji opened this Issue Oct 16, 2018 · 0 comments

Comments

Projects
None yet
1 participant
@binji
Copy link
Member

binji commented Oct 16, 2018

This is a tracking issue for a post-MVP feature
It will be updated as the issue progresses.

Topic Content Security Policy
Champion none
Status in progress
Phase Feature proposal
Linked issues WebAssembly/design#1092 WebAssembly/design#205 WebAssembly/design#972
Linked repositories github.com/WebAssembly/content-security-policy

Details

Details

Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware.

In the context of WebAssembly, CSP can:

  • Forbid usage of WebAssembly for developers who opted in to CSP before WebAssembly existed.
  • Allow finer-grained control of JavaScript restrictions (including unsafe-eval) versus WebAssembly using new CSP mechanisms.

References:

@WebAssembly WebAssembly locked and limited conversation to collaborators Oct 16, 2018

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
You can鈥檛 perform that action at this time.