docs: makes note of HTTP header CSP usage with file:// (#14768)
This commit is contained in:
parent
9890d1e251
commit
d7d4b8638d
1 changed files with 4 additions and 2 deletions
|
@ -374,8 +374,10 @@ session.defaultSession.webRequest.onHeadersReceived((details, callback) => {
|
||||||
|
|
||||||
### CSP Meta Tag
|
### CSP Meta Tag
|
||||||
|
|
||||||
CSP's preferred delivery mechanism is an HTTP header. It can be useful, however,
|
CSP's preferred delivery mechanism is an HTTP header, however it is not possible
|
||||||
to set a policy on a page directly in the markup using a `<meta>` tag:
|
to use this method when loading a resource using the `file://` protocol. It can
|
||||||
|
be useful in some cases, such as using the `file://` protocol, to set a policy
|
||||||
|
on a page directly in the markup using a `<meta>` tag:
|
||||||
|
|
||||||
```html
|
```html
|
||||||
<meta http-equiv="Content-Security-Policy" content="default-src 'none'">
|
<meta http-equiv="Content-Security-Policy" content="default-src 'none'">
|
||||||
|
|
Loading…
Reference in a new issue