Completed
Measuring Coverage
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Content Security Policy Evolution: From Whitelists to Strict-Dynamic - AppSec EU 2017
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Summary
- 3 Recap: How do CSP Nonces Work?
- 4 Recap: What is 'strict-dynamic'?
- 5 CSP Support in Core Frameworks
- 6 One Policy to Rule Them All!
- 7 Closure Templates with auto-noncing
- 8 SHIP IT !!1
- 9 New 'report-sample' keyword
- 10 Report Noise
- 11 CSP Mitigator
- 12 CSP Evaluator
- 13 CSP Frontend
- 14 Detailed CSP Violation Reports View
- 15 Measuring Coverage
- 16 Injection of
- 17 Steal and Reuse Nonces
- 18 Mitigating Bypasses
- 19 JS Framework/Library CSP Bypasses
- 20 jQuery 2.x Script Evaluation Logic
- 21 Wrapping Up