CSP Pitfalls and Gotchas
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore the intricacies of Content Security Policy (CSP) implementation in this 15-minute lightning talk from AppSec EU 2017. Delve into common pitfalls and gotchas associated with CSP, covering topics such as whitelist issues, Same-Origin Policy, and unsafe inline practices. Learn effective strategies to overcome these challenges and gain insights on building a perfect framework for robust web application security. Presented by Ilya Nesterov and managed by the official OWASP Media Project, this concise yet informative session provides valuable knowledge for web developers and security professionals looking to enhance their understanding of CSP best practices.
Syllabus
Introduction
Whitelist Issues
SameOrigin Policy
Unsafe Inline
What to do
Build Perfect Framework
Summary
Taught by
OWASP Foundation
Related Courses
AJAX Authentication and Cross-Origin RequestsPackt via Coursera Web Security: Same-Origin Policies
LinkedIn Learning Surfing the Sea and Drowning in Tabs - An Introduction to Cross Site Request Forgery
YouTube Client-Side Protection Against DOM-Based XSS Done Right
OWASP Foundation via YouTube The Timing Attacks They Are A-Changin' - Web-based and Browser-based Timing Attack Techniques
OWASP Foundation via YouTube