1. Intro
2. Background
3. Cross-site scripting
4. Cross-site scripting
5. Persistent cross-site scripting
6. Reflective cross-site scripting
7. Self cross-site scripting
8. Social engineering
9. Facebook console
10. Fight back against hackers
11. What is a content security policy
12. Browser support
13. Resources
14. Image
15. Object Source
16. Style Source
17. Inline Source
18. Don't Use It
19. Nonce
20. Constant Security
21. Breaking Production
22. Breaking the Site
23. Report URI
24. Payload
25. ReportURI
26. ReportOnly
27. Over Time
28. Fun Part
29. Business buzzwords
30. Requirements
31. Gibson
32. Garbage Files
33. Update Files
34. Script
35. Pop Emoji
36. Poop Emoji
37. Corporate Phone Call
38. Code Base
39. No poop emojis
40. No proof emojis
41. Inline script
42. Homepage
43. Gate
44. Home Page
45. Garbage File
46. Content Security Policy
47. Tips
48. Cryptographic Nonces
49. Twig
50. Multiple Policies
51. Enforce Report Policies
52. Test Multiple Policies
53. Scott Helm
54. Mr Goodwin
55. Homework
Description:
Explore the world of Content Security Policies (CSPs) in this informative conference talk from GOTO Copenhagen 2018. Delve into the importance of CSPs as a crucial security tool, understanding their functionality, implementation, and limitations in protecting website users. Witness demonstrations of attacks thwarted by CSPs, observe a site intentionally broken by a CSP, and learn about various CSP directives and options. Gain insights into available tools for working with CSPs and discover how to effectively integrate them into your security strategy. Perfect for developers and security professionals looking to enhance their web application security knowledge.

Content Security Policies - Let's Break Stuff

GOTO Conferences