最終更新:2024-01-05 (金) 03:58:44 (114d)
reflected-xss
Top / reflected-xss
メモ
- The reflected-xss directive was removed from the CSP spec in 2016.
- But you can use the X-XSS-Protection header to get exactly the same effect reflected-xss was meant for.
- https://stackoverflow.com/questions/50575265/unrecognized-content-security-policy-directives-disown-opener-reflected-xss-r