Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Pluralsight

Defeating Cross-site Scripting with Content Security Policy 2

via Pluralsight

Overview

Content Security Policy (CSP) is a W3C standard that limits what a browser may do, which helps prevent many common attacks, including Cross-site Scripting. This course will teach you all relevant CSP features and which browsers they work in.

Cross-site scripting (XSS) is one of the major threats against web applications, with successful attacks every day. In this course, Defeating Cross-site Scripting with Content Security Policy, you'll learn how to put an end to this and other threats against your applications. First, you'll learn about the W3C standard Content Security Policy (CSP), which versions exist and features they bring. Next, you'll develop an understanding of how CSP restricts what content the browser is allowed to load and execute. Finally, you'll explore exactly how to use this approach to secure your sites. When you're finished with this course, you'll be ready to apply CSP to your web applications, and protect them from XSS and other attacks.

Syllabus

  • Course Overview 2mins
  • Getting Started 21mins
  • Implementing CSP for Everyone: Version 1 39mins
  • Leveraging Advanced Content Security Policy Features: Version 2 36mins
  • Getting Applications Ready for Content Security Policy 27mins
  • Looking Forward: Upcoming Features in CSP 3 15mins

Taught by

Christian Wenz

Reviews

4.7 rating at Pluralsight based on 41 ratings

Start your review of Defeating Cross-site Scripting with Content Security Policy 2

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.