Monday, February 16, 2015

2015-008- Make your web Apps more secure with Content Security Policy (part 1)


Pawel Krawczyk did an interview with us about Content Security Policy. Learn about what it is, and whether or not the latest browsers can support it.

 

We also talk about how you can get around it, if there are ways to avoid it if you are a bad guy, and how you can get the most out of it.

If you're a web developer, and want to reduce your site's chances of allowing XSS, you'll want to take a listen to this.

 

https://w3c.github.io/webappsec/specs/content-security-policy/#changes-from-level-1

https://w3c.github.io/webappsec/specs/content-security-policy/#directive-sandbox


Here is a new episode of Brakeing Down Security!

No comments: