Restricting the Scripts, You're to Blame, You Give CSP a Bad Name
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore the intricacies of Content Security Policy (CSP) in this 47-minute conference talk from the OWASP Foundation. Delve into script content control, secure network connection enforcement, and framing control techniques. Learn how to implement TLS via CSP, understand the differences between X-Frame-Options and CSP frame ancestors, and discover best practices for framing control. Gain valuable insights from a developer study and take away key messages to enhance web application security. Participate in a survey to reinforce your understanding of CSP implementation strategies.
Syllabus
Intro
Content Security Policy
Script Content Control - Example
Enforce Secure Network Connections
How to enforce TLS via CSP
Take Aways-TLS Enforcement
Framing Control - X-Frame-Options
Framing Control - Partial support
Framing Control - Double Framing
Framing Control - CSP frame ancestors
Best practice for framing control
Framing Control -XFO vs. CSP
Framing Control - Developer Study
Take Away Messages
Survey Time!
Taught by
OWASP Foundation
Related Courses
Building Geospatial Apps on Postgres, PostGIS, & Citus at Large ScaleMicrosoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube