CSP is a security standard which helps prevent cross-site scripting, clickjacking, mixed content security issues, and protocol downgrade attacks. Content Security Policy is very flexible and can be used to accomplish many different goals. From a developers perspective, CSP can also be used to clean up some bad old contents by using strict source-list for all contents, to migrate a website to HTTPS by using block mixed content directive and a good help for progressive enhancement, orthogonality as the code is prepperly segregated using well-defined sour-lists. It is achieved by sending headers to the browser that instruct the browser on how to handle content.




Starts at Saturday December 19 2020, 11:30 AM. The sessions runs for about 1 hour.