diff options
| author | Arthur Nogueira Neves <arthurnn@gmail.com> | 2014-04-05 12:03:45 -0400 |
|---|---|---|
| committer | Arthur Nogueira Neves <arthurnn@gmail.com> | 2014-04-05 12:03:45 -0400 |
| commit | c45939ea2c7b42030afa2bce2de0681aba0777b6 (patch) | |
| tree | 8d7f7d9ef1497d3a093894f189bc68a3fba025af | |
| parent | 8d1c7037278f7f0ca94d47bca7de9922d5b8a4e9 (diff) | |
| parent | 3779c1d45e89d798f53b71f98ba3e6030c0d08a7 (diff) | |
| download | rails-c45939ea2c7b42030afa2bce2de0681aba0777b6.tar.gz rails-c45939ea2c7b42030afa2bce2de0681aba0777b6.tar.bz2 rails-c45939ea2c7b42030afa2bce2de0681aba0777b6.zip | |
Merge pull request #14612 from acallaghan/patch-1
W3C CSP document moved to gihub.io URL [ci skip]
| -rw-r--r-- | guides/source/security.md | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/guides/source/security.md b/guides/source/security.md index a40c99cbfd..9603fb4a4d 100644 --- a/guides/source/security.md +++ b/guides/source/security.md @@ -1003,7 +1003,7 @@ _'1; mode=block' in Rails by default_ - use XSS Auditor and block page if XSS at * X-Content-Type-Options _'nosniff' in Rails by default_ - stops the browser from guessing the MIME type of a file. * X-Content-Security-Policy -[A powerful mechanism for controlling which sites certain content types can be loaded from](http://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-specification.dev.html) +[A powerful mechanism for controlling which sites certain content types can be loaded from](http://w3c.github.io/webappsec/specs/content-security-policy/csp-specification.dev.html) * Access-Control-Allow-Origin Used to control which sites are allowed to bypass same origin policies and send cross-origin requests. * Strict-Transport-Security |