We're looking for a user researcher to understand the needs of developers and designers. Is this you or someone you know? Check out the post: https://mzl.la/2IGzdXS

跳转到:

这篇翻译不完整。请帮忙从英语翻译这篇文章

Report-To HTTP响应头部指示客户端存储特定域名的报告端点。

Content-Security-Policy: ...; report-to groupname

该指令本身没有任何影响,仅与其他指令结合起来才有意义。

CSP version 1
指令类型 Reporting directive

<meta> 元素并不支持该指令

 

Syntax

 

Content-Security-Policy: report-to <json-field-value>;

Examples

可以查看Content-Security-Policy-Report-Only获取更多信息和示例。

Report-To: { "group": "csp-endpoint",
             "max-age": 10886400,
             "endpoints": [
               { "url": "https://example.com/csp-reports" }
             ] },
           { "group": "hpkp-endpoint",
             "max-age": 10886400,
             "endpoints": [
               { "url": "https://example.com/hpkp-reports" }
             ] }
Content-Security-Policy: ...; report-to csp-endpoint

 

Report-To: { "group": "endpoint-1",
             "max-age": 10886400,
             "endpoints": [
               { "url": "https://example.com/reports" },
               { "url": "https://backup.com/reports" }
             ] } 

Content-Security-Policy: ...; report-to endpoint-1

 

Browser compatibility

The compatibility table in this page is generated from structured data. If you'd like to contribute to the data, please check out https://github.com/mdn/browser-compat-data and send us a pull request.

FeatureChromeEdgeFirefoxInternet ExplorerOperaSafari
Basic support No No No No No No
FeatureAndroid webviewChrome for AndroidEdge mobileFirefox for AndroidOpera AndroidiOS SafariSamsung Internet
Basic support No No No No No No No

See also

 

文档标签和贡献者

此页面的贡献者: shevacjs
最后编辑者: shevacjs,