MozillaWiki

Security/Origin: Difference between revisions

Page Discussion

Security/Origin (view source)

Revision as of 20:46, 14 July 2009

2 bytes added ,  14 July 2009
m
→‎Origin header proposal for CSRF and clickjacking mitigation
No edit summary
Line 1: Line 1:
<i>The HTTP Request header Sec-From, has changed from "Origin" to avoid conflict with the similarly named header in [http://www.w3.org/TR/2009/WD-cors-20090317/ Cross-Origin Resource Sharing].</i>
<i>The HTTP Request header Sec-From, has changed from "Origin" to avoid conflict with the similarly named header in [http://www.w3.org/TR/2009/WD-cors-20090317/ Cross-Origin Resource Sharing].</i>


= Origin header proposal for CSRF and clickjacking mitigation =
= Sec-From header proposal for CSRF and clickjacking mitigation =
This page contains collected thoughts generated in discussion and deep thinking about implementing some type of [http://people.mozilla.org/~bsterne/content-security-policy/origin-header-proposal.html Origin-like header].
This page contains collected thoughts generated in discussion and deep thinking about implementing some type of [http://people.mozilla.org/~bsterne/content-security-policy/origin-header-proposal.html Origin-like header].


Sidstamm
canmove, Confirmed users
1,537

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/155246"