Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Restricting the Scripts, You're to Blame, You Give CSP a Bad Name

OWASP Foundation via YouTube

Overview

Explore the intricacies of Content Security Policy (CSP) in this 47-minute conference talk from the OWASP Foundation. Delve into script content control, secure network connection enforcement, and framing control techniques. Learn how to implement TLS via CSP, understand the differences between X-Frame-Options and CSP frame ancestors, and discover best practices for framing control. Gain valuable insights from a developer study and take away key messages to enhance web application security. Participate in a survey to reinforce your understanding of CSP implementation strategies.

Syllabus

Intro
Content Security Policy
Script Content Control - Example
Enforce Secure Network Connections
How to enforce TLS via CSP
Take Aways-TLS Enforcement
Framing Control - X-Frame-Options
Framing Control - Partial support
Framing Control - Double Framing
Framing Control - CSP frame ancestors
Best practice for framing control
Framing Control -XFO vs. CSP
Framing Control - Developer Study
Take Away Messages
Survey Time!

Taught by

OWASP Foundation

Reviews

Start your review of Restricting the Scripts, You're to Blame, You Give CSP a Bad Name

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.