Difference between revisions of "Content Security Policy"
From MgmtWiki
(Created page with "==Full Title or Meme== Content Security Policy is a mechanism designed to make applications more secure against common web vulnerabilities, particularly cross-site scripti...") |
(No difference)
|
Revision as of 11:53, 4 December 2018
Full Title or Meme
Content Security Policy is a mechanism designed to make applications more secure against common web vulnerabilities, particularly cross-site scripting. It is enabled by setting the Content-Security-Policy HTTP response header.
Context
- As a part of having a Trusted Identity in Cyberspace a series of Framework Profiles have been created to allow digital Entities to give users a statement about the policies that they support.
Problems
Solutions
References
- On "with google" Content Security Policy
- OWASP presentations So we broke all CSPs and what happened next.
- Trusted Location