![]() allow-presentation: Lets the resource start a presentation session (en-US).For example, this can safely sandbox an advertisement without forcing the same restrictions upon the page the ad links to. allow-popups-to-escape-sandbox: Lets the sandboxed document open new windows without those windows inheriting the sandboxing.If this keyword is not used, the popup will silently fail to open. allow-popups: Allows popups (such as window.open(), target="_blank", or showModalDialog()).allow-pointer-lock: Lets the resource use the Pointer Lock API.allow-orientation-lock: Lets the resource lock the screen orientation (en-US).allow-modals: Lets the resource open modal windows.If this keyword is not used, form submission is blocked. allow-forms: Allows the resource to submit forms.The value of the attribute can either be empty to apply all restrictions, or space-separated tokens to lift particular restrictions: This value is unsafe, because it leaks origins and paths from TLS-protected resources to insecure origins.Īpplies extra restrictions to the content in the frame. unsafe-url: The referrer will include the origin and the path (but not the fragment (en-US), password (en-US), or username (en-US) ).strict-origin-when-cross-origin: Send a full URL when performing a same-origin request, only send the origin when the protocol security level stays the same (HTTPS→HTTPS), and send no header to a less secure destination (HTTPS→HTTP).strict-origin: Only send the origin of the document as the referrer when the protocol security level stays the same (HTTPS→HTTPS), but don't send it to a less secure destination (HTTPS→HTTP).same-origin: A referrer will be sent for same origin (en-US), but cross-origin requests will contain no referrer information.Navigations on the same origin will still include the path. origin-when-cross-origin: The referrer sent to other origins will be limited to the scheme, the host, and the port.origin: The sent referrer will be limited to the origin of the referring page: its scheme, host, and port.no-referrer-when-downgrade (default): The Referer header will not be sent to origin (en-US)s without TLS (en-US) ( HTTPS). ![]() no-referrer: The Referer header will not be sent.Indicates which referrer (en-US) to send when fetching the frame's resource: En el parámetro windowName en el método window.open().En el atributo formtarget de los elementos y.En el atributo target de los elementos, y.Nombre objetivo para el contexto de navegación incrustado. low: El recurso debe ser descargado después de otros recursos de alta-prioridad de los recursos de la página.high: El recurso debe ser descargado antes que otros recursos de baja-prioridad de los recursos de la página.El buscador utiliza sus propias heurísticas para decidir la prioridad del recurso. La prioridad de descarga en el recurso para el atributo src del. ![]() Indica la altura del frame en HTML5 en píxeles CSS, o en HTML4.01 en píxeles o como un porcentaje. Vea HTMLIFrameElement.csp (en-US) para detalles. Una Politica de Seguridad del Contenido aplicada para el recurso incrustado. Nota: Se considera un atributo heredado y se redefine como allow="payment".
0 Comments
Leave a Reply. |