2015-008- Make your web Apps more secure with Content Security Policy (part 1) - a podcast by Bryan Brake, Amanda Berlin, Brian Boettcher

Pawel Krawczyk did an interview with us about Content Security Policy. Learn about what it is, and whether or not the latest browsers can support it.

 

We also talk about how you can get around it, if there are ways to avoid it if you are a bad guy, and how you can get the most out of it.

If you're a web developer, and want to reduce your site's chances of allowing XSS, you'll want to take a listen to this.

 

https://w3c.github.io/webappsec/specs/content-security-policy/#changes-from-level-1

https://w3c.github.io/webappsec/specs/content-security-policy/#directive-sandbox

Further episodes of BrakeSec Education Podcast

Further podcasts by Bryan Brake, Amanda Berlin, Brian Boettcher

Website of Bryan Brake, Amanda Berlin, Brian Boettcher