W3C


Security for Web Applications

This page summarizes the relationships among specifications, whether they are finished standards or drafts. Below, each title links to the most recent version of a document.

Drafts

The draft documents below are listed under Other Working Drafts. Some of these may become Web Standards through the W3C Recommendation Track process. Others may be published as Group Notes or become obsolete specifications.

Other Working Drafts

2011-11-29

Content Security Policy

Content Security Policy is a mechanism web applications can use to mitigate the broad class of content injection vulnerabilities, such as cross-site scripting (XSS). Content Security Policy is a declarative policy that lets the authors (or server administrators) of a web application restrict the locations from which the application can load resources.

2011-07-21

The From-Origin Header

This specification defines the From-Origin response header, a way for resources to declare they are unavailable within an embedding context.

2010-07-27

Cross-Origin Resource Sharing

This document defines a mechanism to enable client-side cross-origin requests.

2010-01-26

Uniform Messaging Policy, Level One

The Uniform Messaging Policy (UMP) enables cross-site messaging that avoids Cross-Site-Request-Forgery and similar attacks that abuse HTTP cookies and other credentials.