CSP Declaring Security

Mozilla’s Content Security Policy (CSP) draft spec is a mechanism for declarative security, whereby a site communicates its intent and leaves it up to the user-agent to determine how to enforce it. The ideas behind the CSP draft are not new, and it is but one of many proposals for declarative security, from BEEP to HTML5 sandboxing.  […]

Mozilla’s Content Security Policy (CSP) draft spec is a mechanism for declarative security, whereby a site communicates its intent and leaves it up to the user-agent to determine how to enforce it. The ideas behind the CSP draft are not new, and it is but one of many proposals for declarative security, from BEEP to HTML5 sandboxing.  In some respects it overlaps with other mechanisms for restricting script, although if CSP is successful, new directives will likely be created to provide uniform specification of the available policies, said Eric Lawrence on IE blog.

About The Author

Deepak Gupta is a IT & Web Consultant. He is the founder and CEO of diTii.com & DIT Technologies, where he's engaged in providing Technology Consultancy, Design and Development of Desktop, Web and Mobile applications using various tools and softwares. Sign-up for the Email for daily updates. Google+ Profile.