diff options
| author | tsepez@chromium.org <tsepez@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-09-30 20:55:31 +0000 |
|---|---|---|
| committer | tsepez@chromium.org <tsepez@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-09-30 20:55:31 +0000 |
| commit | 2f9efa9d71b19e41ac945cd194d37006e28a4591 (patch) | |
| tree | f83de199d3fc7e9b9a4e7c041f6c24b805b178b8 /chrome/browser/resources/policy.html | |
| parent | bb36d82adbfa20d4fa5998c7c28c934b68432437 (diff) | |
| download | chromium_src-2f9efa9d71b19e41ac945cd194d37006e28a4591.zip chromium_src-2f9efa9d71b19e41ac945cd194d37006e28a4591.tar.gz chromium_src-2f9efa9d71b19e41ac945cd194d37006e28a4591.tar.bz2 | |
Apply content-security-policy directive to chrome://policy page. WebUI pages should specify CSP as a second line of defense against XSS vulnerabilities.
Review URL: http://codereview.chromium.org/8102003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@103541 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/resources/policy.html')
| -rw-r--r-- | chrome/browser/resources/policy.html | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/chrome/browser/resources/policy.html b/chrome/browser/resources/policy.html index f37f7f2..bb61d67 100644 --- a/chrome/browser/resources/policy.html +++ b/chrome/browser/resources/policy.html @@ -3,6 +3,7 @@ <head> <meta charset="utf-8"> <title i18n-content="policyTitle"></title> +<include src="content_security_policy.html"/> <link rel="stylesheet" href="chrome://resources/css/button.css"> <link rel="stylesheet" href="policy.css"> <link rel="stylesheet" href="webui.css"> |