Tag Archives: Content Security Policy

CSP (Content Security Policy)


In this post, I’ll practically show you one promising new defense using CSP (Content Security Policy) that can significantly reduce possible XSS (Cross-Site Scripting) attacks in modern web-browsers (currently Chrome 16+ and Firefox 4+)!

I’ll not only block inline/outer scripts but also ask user-agent to auto-generate report for each violated activity it founds that violates my pre-defined policy.

Read full post:

Exploring CSP (Content Security Policy) using ASP.NET MVC

Test online: http://csp.somee.com/

Advertisements