CSP Pitfalls and Gotchas
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore the intricacies of Content Security Policy (CSP) implementation in this 15-minute lightning talk from AppSec EU 2017. Delve into common pitfalls and gotchas associated with CSP, covering topics such as whitelist issues, Same-Origin Policy, and unsafe inline practices. Learn effective strategies to overcome these challenges and gain insights on building a perfect framework for robust web application security. Presented by Ilya Nesterov and managed by the official OWASP Media Project, this concise yet informative session provides valuable knowledge for web developers and security professionals looking to enhance their understanding of CSP best practices.
Syllabus
Introduction
Whitelist Issues
SameOrigin Policy
Unsafe Inline
What to do
Build Perfect Framework
Summary
Taught by
OWASP Foundation
Related Courses
Web Security: Same-Origin PoliciesLinkedIn Learning Client-Side Protection Against DOM-Based XSS Done Right
OWASP Foundation via YouTube The "Web/Local" Boundary Is Fuzzy - A Security Study of Chrome's Process-based Sandboxing
Association for Computing Machinery (ACM) via YouTube Browsers Gone Wild
Black Hat via YouTube Bypassing Browser Security Policies for Fun and Profit
Black Hat via YouTube