Explore the intricacies of Content Security Policy (CSP) as a defense against cross-site scripting (XSS) attacks in this conference talk from OWASP AppSec California 2015. Delve into the differences between CSP 1.0 and CSP 1.1, understanding how these versions impact web application developers. Learn how CSP protects web applications from XSS vulnerabilities and whether traditional defenses like input validation and output encoding are still necessary. Discover the varying levels of browser support for CSP and gain practical insights on implementing this technology on your website. Benefit from the expertise of Ksenia Dmitrieva, a Senior Security Consultant with extensive experience in web application security, as she shares her knowledge on this promising HTML5 feature and its potential to enhance web security.
Overview
Syllabus
Fixing XSS with Content Security Policy - Ksenia Dmitrieva - OWASP AppSec California 2015
Taught by
OWASP Foundation
Related Courses
-
Defeating Cross-site Scripting with Content Security Policy 2
-
Cross Site Scripting (XSS) Prevention for ASP.NET Core and ASP.NET Applications
-
Secure Coding with OWASP in React 18
-
Fixing XSS with Content Security Policy
-
XSS Cross Site Scripting attack- Hacking Technique
-
OWASP Top 10 - A03:2021 - Injection
