Content Security Policy Explained скачать в хорошем качестве

Content Security Policy Explained

Content Security Policies (CSP) are a powerful safety feature of the modern web. This video aims to lay a foundation for anyone to add a CSP to their web applications. In this video, we're going to take a look at content security policy, what it is, why you need it, and how to create a content security policy using the OWASP Content Security Policy Template. If you work with web applications or have any sort of online presence, you need to know about content security policy. This video will explain everything you need to know in easy to understand terms, including why you need it, how to create a content security policy, and how to protect your web applications with it. One note that isn't as clear in the video – the directives are universal and can also be added to meta tag-based CSPs if one does not have access to the server. Have more thoughts? Leave a comment or @-me on   / tejaskumar_   Don't forget to like and subscribe with notifications for future videos! More resources: OWASP Cheat Sheet: https://cheatsheetseries.owasp.org/ch... Complete list of CSP directives: https://developer.mozilla.org/en-US/d... Chapters: 00:00 Intro 00:08 Why Should I Care? 01:00 Where Do I Add One? 01:12 1. HTTP Headers 01:36 2. Meta Tag 01:43 3. manifest.json 01:59 How Do I Add One to a Web App? 03:42 (Demo) Implementing a Content Security Policy 04:10 Report-Only Mode for Iterative Development 04:42 Sending Content Security Policy Reports 05:13 Conclusion