public marks

PUBLIC MARKS with tags "Content Security Policy" & "navigateur web"

02 September 2014 11:00

An Introduction to Content Security Policy - HTML5 Rocks

by dzc
Instead of blindly trusting everything that a server delivers, CSP defines the Content-Security-Policy HTTP header that allows you to create a whitelist of sources of trusted content, and instructs the browser to only execute or render resources from those sources. Even if an attacker can find a hole through which to inject script, the script won’t match the whitelist, and therefore won’t be executed.

PUBLIC TAGS related to tag "Content Security Policy"

add-on +   conception web +   cross site scripting +   csp +   firefox +   securité +   securité site web +   security +   xpi +   xss +  

Active users

dzc
last mark : 02/09/2014 11:02