RE: AN INTRODUCTION TO CONTENT SECURITY POLICY

À̵¿¿µ ¹Ú»ç´Ô.
°¨»çÇÕ´Ï´Ù^^ 2¿ù ȸÀǶ§ Çϼŵµ µË´Ï´Ù^^ ÀÏÁ¤¸¸ ¹Ì¸® ¾Ë·ÁÁÖ¼¼¿ä~

ÀÌ¿ø¼® µå¸².
2012. 12. 20. ¿ÀÀü 10:13¿¡ "Dong-Young Lee" <dongyoung.lee@lge.com>´ÔÀÌ ÀÛ¼º:

> ÀÌ¿ø¼® ¹Ú»ç´Ô ¾È³çÇϼ¼¿ä.****
>
> ³×, ±×·¸°Ô ÇÏÁö¿ä.  (CommentÇÏ¸é ½ÃÅ°½Ç±îºÁ Çұ±î Çß¾ú´Âµ¥¡¦ ¿ª½Ã³ª³×¿ä. J )****
>
> Ȥ½Ã 1¿ù¿¡ ½Ã°£ÀÌ ¾ÈµÇ¸é ±× ´ÙÀ½ ´Þ¿¡ Çصµ µÇ°ÚÁö¿ä?****
>
> °¨»çÇÕ´Ï´Ù.****
>
> ** **
>
> À̵¿¿µ µå¸²****
>
> ** **
>
> *From:* Wonsuk Lee [mailto:wonsuk73@gmail.com]
> *Sent:* Thursday, December 20, 2012 9:54 AM
> *To:* Dong-Young Lee
> *Cc:* public-html-ig-ko@w3.org
> *Subject:* Re: AN INTRODUCTION TO CONTENT SECURITY POLICY****
>
> ** **
>
> À̵¿¿µ ¹Ú»ç´Ô.****
>
> Á¦°¡ ÀÌÇØÇÑ ¹Ù·Î´Â CSP´Â HTTP Header¿¡ Ãß°¡ÀûÀ¸·Î ±¸ÇöÀ» ÇÒ ºÎºÐÀº ¾øÀ» °Í °°½À´Ï´Ù^^****
>
> ±×¸®°í Ȥ½Ã 1¿ù KIG ȸÀÇ¿¡¼­ CSP¿Í CORS¿¡ ´ëÇؼ­ Á¤¸®Çؼ­ ¹ßÇ¥ÇØ ÁÖ½Ç ¼ö ÀÖÀ»±î¿ä?****
>
> Âü°í·Î 1¿ù KIG ȸÀÇ´Â 1/24ÀÏ(¸ñ)¿¡ NHN »ç¿Á¿¡¼­ ȸÀǸ¦ °³ÃÖÇÒ ¿¹Á¤ÀÔ´Ï´Ù~****
>
> ** **
>
> ÀÌ¿ø¼® µå¸².
>
> ****
>
> 2012³â 11¿ù 19ÀÏ ¿ÀÀü 10:05, Dong-Young Lee <dongyoung.lee@lge.com>´ÔÀÇ ¸»:****
>
>
> ¸»¾¸ÇϽŠ°Íó·³ same origin policy°¡ ´ë¿øÄ¢Àε¥, legacy code¿Í ±× µ¿¾ÈÀÇ
> ½À°ü ¶§¹®¿¡ À̸¦ enforceÇÏ´Â °ÍÀÌ ½±Áö ¾ÊÀº »óȲÀÎ °ÍÀ¸·Î º¸ÀÔ´Ï´Ù.
>
> Á¦°¡ ÀÌÇØÇϱâ·Î´Â CORS³ª CSP³ª ¸ðµÎ HTTP header·Î µ¿ÀÛÇϱ⠶§¹®¿¡ ¼­¹ö
> Áö¿øÀÌ ÇÊ¿äÇÕ´Ï´Ù¸¸, ¼­¹ö¿¡¼­ ±¸ÇöÇÒ ³»¿ëÀº ¾ó¸¶ µÇÁö ¾ÊÀ» °Í °°½À´Ï´Ù.
>
> CORS¿Í CSPÀÇ Â÷ÀÌÁ¡Àº CORS´Â resource¸¦ ÁÖ´Â ÂÊ (Æ÷ÇԵǴ ÂÊ), CSP´Â ¹Þ´Â
> ÂÊ (Æ÷ÇÔÇÏ´Â ÂÊ)ÀÇ policy¶ó´Â Á¡ÀÔ´Ï´Ù.  ÀúÇÑÅ×´Â CSP°¡ ´õ Á÷°üÀûÀ̳׿ä.
>
> °¨»çÇÕ´Ï´Ù.****
>
>
>
> ****
>
> ** **
>
> --
>
> =========================================
> ÀÌ ¿ø ¼® (Wonsuk, Lee) / Principal Engineer, Ph.D
> SAMSUNG ELECTRONICS Co., LTD. (ß²àøï³í­)
> Mobile: +82-10-5800-3997
> E-mail: wonsuk11.lee@samsung.com, wonsuk73@gmail.com
> http://www.wonsuk73.com/, twitter: @wonsuk73
> -----------------------------------------
> Inspire the World, Create the Future !!!
> =========================================****
>

Received on Thursday, 20 December 2012 01:20:34 UTC