2015-008- Make your web Apps more secure with Content Security Policy (part 1)
BrakeSec Education Podcast · Bryan Brake
Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Pawel Krawczyk did an interview with us about Content Security Policy. Learn about what it is, and whether or not the latest browsers can support it.
We also talk about how you can get around it, if there are ways to avoid it if you are a bad guy, and how you can get the most out of it.
If you're a web developer, and want to reduce your site's chances of allowing XSS, you'll want to take a listen to this.
https://w3c.github.io/webappsec/specs/content-security-policy/#changes-from-level-1
https://w3c.github.io/webappsec/specs/content-security-policy/#directive-sandbox