CSP Oddities

Hack In The Box Security Conference via YouTube

Overview

This course covers Content Security Policy (CSP), a defense-in-depth mechanism that restricts the resources a web application may load, reducing the risk of injections. It covers the major roadblocks in CSP deployment, common mistakes, and strategies that are effective across different browsers. Participants will learn how to defeat whitelist-based models, use nonces for a more secure CSP, and understand the challenges and advancements in modern web technologies. The teaching method includes presentations, demonstrations, and examples. The course is intended for web developers, security professionals, and anyone interested in web application security.

Syllabus

Introduction
Google Zurich
Summary
What is CSP
Content Security Policy
Breaking CSP
Examples
Default source
Whitelist
JSONP
Angular
Paths
CSP Tool
CSP Nonces
Nonce
Nonce Propagation
Unsafe Dynamic
Demo
CSP Oddities
Browser Support
Success Stories

Taught by

Hack In The Box Security Conference
