📝 Fix typo

[ci skip]
This commit is contained in:
Yuya Ochiai 2017-01-20 23:45:39 +09:00
parent 8a22139d57
commit a7a3aa848e

View file

@ -56,7 +56,7 @@ This is not bulletproof, but at the least, you should attempt the following:
* Only display secure (https) content * Only display secure (https) content
* Disable the Node integration in all renderers that display remote content * Disable the Node integration in all renderers that display remote content
(setting `nodeIntegration` to `false` in `webPreferences`) (setting `nodeIntegration` to `false` in `webPreferences`)
* Enable context isolation in all rendererers that display remote content * Enable context isolation in all renderers that display remote content
(setting `contextIsolation` to `true` in `webPreferences`) (setting `contextIsolation` to `true` in `webPreferences`)
* Do not disable `webSecurity`. Disabling it will disable the same-origin policy. * Do not disable `webSecurity`. Disabling it will disable the same-origin policy.
* Define a [`Content-Security-Policy`](http://www.html5rocks.com/en/tutorials/security/content-security-policy/) * Define a [`Content-Security-Policy`](http://www.html5rocks.com/en/tutorials/security/content-security-policy/)