Document Name: W3C TR
Document URI:
Online Version:
Organization: World Wide Web Consortium (W3C)
Series: Technical Report (TR)
Abstract: Entry Point Regulation aims to mitigate the risk of reflected cross-site scripting (XSS), cross-site script inclusion (XSSI), and cross-site request forgery (CSRF) attacks by demarcating the areas of an application which are intended to be externally referencable. A specified policy is applied on external requests for all non-demarcated resources.

Specified Web Concepts:

HTTP Header Fields


Return to ( Series | Organization | all Specifications )