Defeating Cross-site Scripting with Content Security Policy 2

Content Security Policy (CSP) is a W3C standard that limits what a browser may do, which helps prevent many common attacks, including Cross-site Scripting. This course will teach you all relevant CSP features and which browsers they work in.

Cross-site scripting (XSS) is one of the major threats against web applications, with successful attacks every day. In this course, Defeating Cross-site Scripting with Content Security Policy, you'll learn how to put an end to this and other threats against your applications. First, you'll learn about the W3C standard Content Security Policy (CSP), which versions exist and features they bring. Next, you'll develop an understanding of how CSP restricts what content the browser is allowed to load and execute. Finally, you'll explore exactly how to use this approach to secure your sites. When you're finished with this course, you'll be ready to apply CSP to your web applications, and protect them from XSS and other attacks.

• Course Overview 2mins
• Getting Started 21mins
• Implementing CSP for Everyone: Version 1 39mins
• Leveraging Advanced Content Security Policy Features: Version 2 36mins
• Getting Applications Ready for Content Security Policy 27mins
• Looking Forward: Upcoming Features in CSP 3 15mins