public marks

PUBLIC MARKS with tag "cross-site scripting"

2014

An Introduction to Content Security Policy - HTML5 Rocks

by dzc
Instead of blindly trusting everything that a server delivers, CSP defines the Content-Security-Policy HTTP header that allows you to create a whitelist of sources of trusted content, and instructs the browser to only execute or render resources from those sources. Even if an attacker can find a hole through which to inject script, the script won’t match the whitelist, and therefore won’t be executed.

2009

2008

PHP CSRF protection class

by Xavier Lacot & 1 other
This class adds CSRF protection to existing PHP applications that make use of PHP's session support for authentication. If you are writing an application from scratch you shouldn't use this; it's designed to protect legacy apps that were not built with CSRF in mind.

2007

sfCSRFPlugin - symfony

by Xavier Lacot
The sfCSRFPlugin plugin provides protection against Cross Site Request Forgeries.

PUBLIC TAGS related to tag "cross-site scripting"

conception web +   Content Security Policy +   csp +   csrf +   firefox +   framework +   html5 +   HTTP CSP +   javascript +   navigateur web +   à surveiller +   php +   plugin +   protection +   securité site web +   security +   sécurité +   symfony +   xss +   XSS attacks +  

Active users

dzc
last mark : 02/09/2014 11:02

Xavier Lacot
last mark : 25/09/2008 12:33