This course aims to explore the effectiveness of Content Security Policy (CSP) in real-world scenarios. Students will learn about browser support for CSP, enforcing multiple policies, adoption trends, configuration options, and the evolution of CSP deployment. The teaching method involves presenting research goals, examples, and findings related to CSP. This course is intended for individuals interested in content security, web development, and cybersecurity.
Evaluating the Effectiveness of Content Security Policy in the Wild
Association for Computing Machinery (ACM) via YouTube
Overview
Syllabus
Intro
Content Security Policy
Example
More on Inline Scripts
Research Goals
] Browser Support for CSP
] Enforcing Multiple Policies
[RQ1] Inconsistent Behaviours
Adoption of CSP
] Main Findings
] Configuration of CSP
] Harsh Policies
[RQ3] Defining Weakness to XSS
[RQ3] Weakness to XSS
] Evolution of CSP Deployment
Taught by
ACM CCS
