Entry Point Regulation (EPR)
| Document Name: | W3C TR http://www.w3.org/TR/epr |
|---|---|
| Document URI: |
http://www.w3.org/TR/epr
|
| Online Version: |
http://www.w3.org/TR/epr
|
| Organization: | World Wide Web Consortium (W3C) |
| Series: | Technical Report (TR) |
| Abstract: | Entry Point Regulation aims to mitigate the risk of reflected cross-site scripting (XSS), cross-site script inclusion (XSSI), and cross-site request forgery (CSRF) attacks by demarcating the areas of an application which are intended to be externally referencable. A specified policy is applied on external requests for all non-demarcated resources. |
Specified Web Concepts:
HTTP Header Fields
EPR
Return to ( Series | Organization | all Specifications )