Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Merge pull request #14612 from acallaghan/patch-1

W3C CSP document moved to gihub.io URL [ci skip]
  • Loading branch information...
commit c45939ea2c7b42030afa2bce2de0681aba0777b6 2 parents 8d1c703 + 3779c1d
@arthurnn arthurnn authored
Showing with 1 addition and 1 deletion.
  1. +1 −1  guides/source/security.md
View
2  guides/source/security.md
@@ -1003,7 +1003,7 @@ _'1; mode=block' in Rails by default_ - use XSS Auditor and block page if XSS at
* X-Content-Type-Options
_'nosniff' in Rails by default_ - stops the browser from guessing the MIME type of a file.
* X-Content-Security-Policy
-[A powerful mechanism for controlling which sites certain content types can be loaded from](http://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-specification.dev.html)
+[A powerful mechanism for controlling which sites certain content types can be loaded from](http://w3c.github.io/webappsec/specs/content-security-policy/csp-specification.dev.html)
* Access-Control-Allow-Origin
Used to control which sites are allowed to bypass same origin policies and send cross-origin requests.
* Strict-Transport-Security
Please sign in to comment.
Something went wrong with that request. Please try again.