Evaluating the Effectiveness of Content Security Policy in the Wild

Offered By: Association for Computing Machinery (ACM) via YouTube

Tags

ACM CCS (Computer and Communications Security) Courses, Web Development Courses, Cybersecurity Courses, Cross-Site Scripting (XSS) Courses, Content Security Policy Courses

Course Description

Overview

Explore the effectiveness of Content Security Policy (CSP) in real-world scenarios through this conference talk presented at CCS 2016. Delve into the intricacies of CSP, examining its implementation, browser support, and potential inconsistencies. Analyze the adoption rates, configuration practices, and the evolution of CSP deployment. Gain insights into harsh policies and their impact on cross-site scripting (XSS) vulnerabilities. Learn about the research goals, methodologies, and key findings presented by authors from Università Ca' Foscari Venezia, offering a comprehensive evaluation of CSP's role in addressing content security problems.

Syllabus

Intro
Content Security Policy
Example
More on Inline Scripts
Research Goals
Browser Support for CSP
Enforcing Multiple Policies
[RQ1] Inconsistent Behaviours
Adoption of CSP
Main Findings
Configuration of CSP
Harsh Policies
[RQ3] Defining Weakness to XSS
[RQ3] Weakness to XSS
Evolution of CSP Deployment


Taught by

ACM CCS
