You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
For example, an app can restrict scripts to their own origin by setting: Content-Security-Policy: script-src 'self';
In the example above, webnode.js would not be allowed to run.
However to allow the webnode script to run, authors need to include the resource origin for webnode.js like so: Content-Security-Policy: script-src 'self' https://oyster.ws;.
Providing documentation on this could help applications implement and run webnode within a safer context.
The text was updated successfully, but these errors were encountered:
Developers may choose to use Content Security Policy (CSP), Feature Policy (FP) and
Subresource Integrity (SRI) to control what their apps may or may not load cross-origin.
For example, an app can restrict scripts to their own origin by setting:
Content-Security-Policy: script-src 'self';In the example above, webnode.js would not be allowed to run.
However to allow the webnode script to run, authors need to include the resource origin for webnode.js like so:
Content-Security-Policy: script-src 'self' https://oyster.ws;.Providing documentation on this could help applications implement and run webnode within a safer context.
The text was updated successfully, but these errors were encountered: