Content-Security-Policy
2020. 8. 27. 12:00ㆍ문제와 이슈/front
CSP: upgrade-insecure-requests
The HTTP Content-Security-Policy (CSP) upgrade-insecure-requests directive instructs user agents to treat all of a site's insecure URLs (those served over HTTP) as though they have been replaced with secure URLs (those served over HTTPS). This directive is
developer.mozilla.org
HTML 메타 정보에 아래와 같이 content-security-policy를 설정할 경우 http로 호출하는 모든 리소스가 자동으로 https로 호출되는 보안기능이 존재한다.
<meta http-equiv="content-Security-Policy" content="upgrade-insecure-requests">
'문제와 이슈 > front' 카테고리의 다른 글
| 01. Ipad OS 13이상에서 기종에 따른 UserAgent 값 (0) | 2020.04.08 |
|---|