CSP Content Security Policy
Contents of this page:
What is CSP
- Content Security
is an added layer of security that helps to detect and mitigate
certain types of attacks, including Cross Site Scripting
data injection attacks.
- Configuring Content Security Policy involves adding
the Content-Security-Policy HTTP
header to a web page and giving it values to control what resources
the user agent is allowed to load for that page.
- More here.
A Half Example
- It’s available
(to Clare only).
- I seem to have kept only some of the relevant code – it’s some of
the test code we wrote for this at Samba.
- I also have the browser errors that prompted us to write these tests
in the first place – in the same folder.