Document Name: W3C TR http://www.w3.org/TR/epr
Document URI: http://www.w3.org/TR/epr
Online Version: http://www.w3.org/TR/epr
Organization: World Wide Web Consortium (W3C)
Series: Technical Report (TR)
Abstract: Entry Point Regulation aims to mitigate the risk of reflected cross-site scripting (XSS), cross-site script inclusion (XSSI), and cross-site request forgery (CSRF) attacks by demarcating the areas of an application which are intended to be externally referencable. A specified policy is applied on external requests for all non-demarcated resources.



Specified Web Concepts:

HTTP Header Fields

EPR


Return to ( Series | Organization | all Specifications )