myfaces-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lof...@apache.org
Subject svn commit: r1513059 - /myfaces/tobago/trunk/src/site/apt/migration-2.0.apt
Date Mon, 12 Aug 2013 07:15:45 GMT
Author: lofwyr
Date: Mon Aug 12 07:15:45 2013
New Revision: 1513059

URL: http://svn.apache.org/r1513059
Log:
add CSP hint

Modified:
    myfaces/tobago/trunk/src/site/apt/migration-2.0.apt

Modified: myfaces/tobago/trunk/src/site/apt/migration-2.0.apt
URL: http://svn.apache.org/viewvc/myfaces/tobago/trunk/src/site/apt/migration-2.0.apt?rev=1513059&r1=1513058&r2=1513059&view=diff
==============================================================================
--- myfaces/tobago/trunk/src/site/apt/migration-2.0.apt (original)
+++ myfaces/tobago/trunk/src/site/apt/migration-2.0.apt Mon Aug 12 07:15:45 2013
@@ -34,8 +34,6 @@ Artifacts (JAR-Files)
 
 CSP
 
-  TODO
-
   Tobago supports Content Security Policy (SCP) to prevent cross-site
   scripting (XSS) and related attacks.
   Specification link http://www.w3.org/TR/CSP/
@@ -43,6 +41,8 @@ CSP
   All allowed sources for JavaScript, CSS and other resources have to be declared in special
header.
   If you have own renderers or own JavaScript in your application, this code also needs to
support SCP, to use this feature.
 
+  TODO: How to configure
+
 Java-API
 
    The class org.apache.myfaces.tobago.model.TreeState which has been deprecated in 1.5.x
is



Mime
View raw message