Content Security Policy & Best Practices

This article is mostly on configuration with nginx and maybe a little on IIS.



Notes:
  • https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
  • https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors
  • https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors
  • https://csp-evaluator.withgoogle.com
  • https://securityheaders.io/

Comments

Popular posts from this blog

Ng-repeat: Order a List Vertically rather Horizontal

HTML5 Audio doesn't Autoplay for Chrome on Android

Updating Razor 2.0 to 3.0 with Asp.net MVC