- From: Wonsuk Lee <wonsuk73@gmail.com>
- Date: Sat, 17 Nov 2012 16:04:21 +0900
- To: <public-html-ig-ko@w3.org>
Received on Saturday, 17 November 2012 07:04:45 UTC
¾È³çÇϼ¼¿ä. Web App¿¡¼ º¸¾È¿¡ ´ëÇÑ À̽´µéÀÌ ÀÖ½À´Ï´Ù. °¡Àå ÀϹÝÀûÀÎ °³³äÀº same origin policyÀ̸ç, ÀÌ¿Ü¿¡µµ CORS(Cross Origin Resource Sharing)ÀÌ Àִµ¥ CORSÀÇ °³³äÀº Server¿¡¼ °ü·Ã ±â´ÉÀ» Áö¿øÇØ¾ß Çϱ⠶§¹®¿¡ DeployÇϱⰡ ½±Áö ¾Ê´Ù´Â ´ÜÁ¡ÀÌ ÀÖ½À´Ï´Ù. ÀÌ·± »óȲ¿¡¼ CSP(CONTENT SECURITY POLICY)°¡ Áß¿äÇÑ Ç¥ÁØÀ¸·Î ´ëµÎ°¡ µÇ°í ÀÖ½À´Ï´Ù. ¸¶Ä§ HTML5ROCKS¿¡ Àß Á¤¸®µÈ articleÀÌ ÀÖ¾î °¡´ÉÇϸé Â÷±â KIG ȸÀÇ¿¡¼ º» ³»¿ëÀ» ´Ù·ç¾úÀ¸¸é ÇÕ´Ï´Ù~^^ [1], [2] ³»¿ëÀ» ±â¹ÝÀ¸·Î Á¤¸®ÇØÁÖ½Ç Volunteer¸¦ ã½À´Ï´Ù~^^ [1] http://www.html5rocks.com/en/tutorials/security/content-security-policy/ [2] http://www.w3.org/TR/CSP/ ÀÌ¿ø¼® µå¸².
Received on Saturday, 17 November 2012 07:04:45 UTC