I have to integrate its different methods, such as `contentSecurityPolicy` and `xssFilter`, and that's it. Security shouldn't be a luxury, and Helmet makes it accessible. Try it out!
March 26, 2025 at 7:00 PM
It's quite alarming to see the sheer number of browser extensions and tracking scripts injecting content in the sites you visit. Find out which one is trying to access your data on localhost. #drupalsouth #contentsecuritypolicy
March 13, 2025 at 12:21 AM
Impact: A successful XSS attack can result in significant damage, including loss of sensitive information and a tarnished reputation for businesses.
1bluebass.com/2025/0...
Let's work together to enhance web security!
#WebSecurity #XSS #CyberSecurity #ContentSecurityPolicy
XSS – Cross-Site Scripting » tmack
Cross-Site Scripting is a prevalent and dangerous vulnerability that can have serious consequences for web applications and their users. By understanding how XSS works and implementing effective prevention strategies, developers and security professionals can protect their applications and users from these types of attacks.
www.1bluebass.com
September 12, 2025 at 1:00 AM
By the end of this video, you’ll understand how to start building your Content Security Policy, as well as the tools needed to analyse its effectiveness before deployment to production. #DrupalSouth #DrupalPresentation #DrupalConference #ContentSecurityPolicy
Blog post: Everything you need to know about Content Security Policy (CSP)
Interested in learning how to build, implement and analyse a Content Security Policy? Michael shares some critical insights and lessons learned from a large government website built on Drupal.
www.previousnext.com.au
April 29, 2025 at 8:00 AM
Oh my! Michael Strelan presents everything you need to know about Content Security Policy (CSP) at 10.50 am in Cinema 2. #DrupalSouth #Melbourne #ContentSecurityPolicy
March 12, 2025 at 11:51 PM
Today I want to tell you about a tool that has become indispensable in my projects: helmet.js. This library helps me strengthen the security of my APIs by setting appropriate HTTP headers. By using methods such as `set`, `contentSecurityPolicy` and `hsts`, I can protect my applications against
March 26, 2025 at 12:00 PM
Microsoft is introducing Content Security Policy (CSP) in SharePoint. It's in report-only mode; enforcement will block untrusted scripts. #SharePoint #Security #MicrosoftPurview #ContentSecurityPolicy
Why SharePoint admins should not ignore Content Security Policy violations
Microsoft is introducing Content Security Policy (CSP) in SharePoint. While it’s currently in Report-only mode, enforcement will block untrusted scripts. SharePoint administrators should review violation reports now and prepare trusted sources before enabling CSP.
topedia.net
September 13, 2025 at 3:27 PM
CSP helps define trusted content sources, mitigating the potential for malicious script execution.
1bluebass.com/2025/0...
Let's work together to enhance web security! 💻🔒
#WebSecurity #XSS #CyberSecurity #ContentSecurityPolicy
September 13, 2025 at 5:00 PM
Our first #OpenSource release since our company was legally constituted. Not a big deal, but sort of a milestone :D.
A package to improve the security of your Astro site against XSS attacks:
www.npmjs.com/package/@kin...
#Astrobuild #WithAstro #ContentSecurityPolicy #SubresourceIntegrity
February 10, 2024 at 10:17 PM
Implementing security measures such as Content Security Policy (CSP), input validation, and proper encoding of output can significantly reduce the risk of XSS attacks.
1bluebass.com/2025/0...
Let's work together to enhance web security!
#XSS #CyberSecurity #ContentSecurityPolicy
September 12, 2025 at 2:00 PM
Each week, fun w/ #ContentSecurityPolicy aka "the security thing everyone starts w/o a proper process in place to then waste insane resources". A client who just recently was super-strict and had individual rules for each pixel URL, suddenly has NO CSP at all anymore. And ofc, nobody noticed. #fail
ALT: a man is covering his face with his hand and saying "seriously".
November 19, 2024 at 2:37 PM
Allowing 'unsafe-inline' scripts can make your Content Security Policy simple, but it is discouraged as it makes you vulnerable to XSS attacks. #drupalsouth #contentsecuritypolicy
March 13, 2025 at 12:21 AM
Types of XSS: There are three main types—Stored, Reflected, and DOM-based.
1bluebass.com/2025/0...
Let's work together to enhance web security! 💻🔒
#WebSecurity #XSS #CyberSecurity #WebDevelopment #ContentSecurityPolicy
September 11, 2025 at 10:07 PM
New in the forum:
CSP problem with Matomo
t3forum.net/d/899-csp-pr...
#t3academyforum #matomo #contentsecuritypolicy
May 18, 2025 at 1:49 PM
A hard-coded policy is not dynamic enough for Drupal's needs, particularly with Google Tag Manager. Don’t panic, though! Michael is demonstrating how to resolve that. #drupalsouth #contentsecuritypolicy
March 12, 2025 at 11:58 PM
New in the forum:
CSP for external scripts
buff.ly/h6ZnOsB
#t3academyforum #ContentSecurityPolicy #ExterneScripte
March 6, 2025 at 3:18 PM
Still too many companies don’t have their #ContentSecurityPolicy under control. I earn way too much just because CSPs suddenly start blocking sth, because stuff is introduced without thinking about #CSP first. CSPs are a big money dump this way.
November 2, 2023 at 2:30 PM
This is a great article to familiarize yourself with the Content Security Policy (#CSP) security concept. Many thanks to #b13 for sharing the well-founded information. #TYPO3 #CyberSecurity #ContentSecurityPolicy
b13.com/blog/introdu...
January 25, 2024 at 4:38 PM
Adding a CSP to an existing site can be hard, but if you enable it as early and strictly as possible, it's much easier. #drupalsouth #contentsecuritypolicy
March 13, 2025 at 12:21 AM
As far as I can tell, ContentSecurityPolicy (required by PCI) is a farce.
Braintree requires 'unsafe-inline'. So does Spreedly.
The only gateway I've found that has good docs AND a sane CSP suggestion is Stripe: docs.stripe.com/security/gui...
February 5, 2025 at 2:39 PM
... The agency laments the new red tape & that they can no longer deploy tags themselves to the website through the TMS since a recent website migration. Fun fact: The whole thing would not load anyway because the #ContentSecurityPolicy blocks it, so they might as well go ahead and deploy it...🤣
September 29, 2025 at 6:52 PM