Chetan Mittal · blog.railsforgedev.com · Nov 19, 2024
Comprehensive Guide to Implementing Content Security Policies in Ruby on Rails 8
Content Security Policy (CSP) is a critical security feature for modern web applications. It mitigates vulnerabilities such as Cross-Site Scripting (XSS) and data injection attacks by controlling which resources a web page can load or execute. With c...
509 reads · Ruby

Le Quoc Cuong · nospaceavailable.hashnode.dev · Sep 16, 2024
Comments in HTML, the <script> tag, and a CSP bypass technique for XSS attacks
The HTML language is characterized by HTML tags and the attributes of each tag. In this article, we will look at the <script> tag in HTML and some behaviors that I find quite interesting when the HTML parser and the JavaScript parser together...
40 reads · JavaScript

Nile Bits · nilebits.hashnode.dev · Sep 15, 2024
Implementing Clickjacking Defense Techniques in JavaScript
The emergence of sophisticated assaults like clickjacking has made security a primary issue in today's online world. By deceiving consumers into clicking on something that differs from what they initially see, attackers deploy a nefarious method call...
JavaScript

David Williford · blog.davidwilliford.dev · Aug 14, 2024
Understanding CSPs through Hydrogen
Content Security Policy (CSP) is a crucial tool in web development that can make or break your site’s security. If you’ve spent time debugging font loading issues or mysterious errors while working with 3rd party imports, you’ve likely bumped into CS...
Web Development

Sumir Broota for BreachForce · breachforce.net · Jul 8, 2024
Implementing a Secure Content Security Policy (CSP)
Introduction: Content Security Policy (CSP) provides mechanisms for websites to restrict content that browsers will be allowed to load. It is the holy grail for client side web application security. A strong policy can provide monumental ...
59 reads · CSP header

Chetanya Tomar · chetanya-snaps.hashnode.dev · Jul 1, 2024
👮 What The Hell Is Csp?
So, you're planning to switch to a Senior Frontend Developer role. Aiming for that 2000% salary hike at a startup or FAANG, huh? If you don’t know this, I think you should re-consider and pull the brakes. Today, I'll show you how to prevent your app...
10 likes · csp

Amit Paunikar · amitpaunikar.hashnode.dev · Jun 17, 2024
Digging deeper into FIPS and FedRAMP Compliances
In an earlier article, we listed some of the Compliance and Regulatory standards required by Public Sector companies in the U.S. Here we dig deeper into two of these regulations - FIPS and FedRAMP. Federal Information Processing Standards (FIPS) FIPS...
27 reads · Compliances

Mahak Pandey · mahakpandeyofficial.hashnode.dev · Jun 1, 2024
Best Practices for Safe JavaScript "onclick" Events
In the world of web development, ensuring the security of user interactions is paramount. One common area where security vulnerabilities can arise is in handling onclick events in JavaScript. These events are crucial for creating interactive web appl...
10 likes · 35 reads · JavaScript onclick security, Secure onclick events, Prevent XSS attacks, JavaScript security best practices, Sanitize JavaScript user input, Safe JavaScript event handling, Content Security Policy for JavaScript, Preventing JavaScript vulnerabilities, JavaScript XSS mitigation, Secure web development practices

Aburu Sarah for Open Replay's Technical Blog · openreplay.hashnode.dev · Oct 25, 2023
Securing Front-End Apps With CORS And CSP
Front-end applications play a central role in delivering a seamless user experience. In today’s interconnected web, where third-party integrations and APIs are prevalent, ensuring robust security is paramount. Security breaches can lead to data theft...
websecurity

LebCit · lebcit.hashnode.dev · Jun 3, 2023
CSP nonce with Node.js and EJS
Intro: In this post, I will not dive into CSP's details. The previous link is enough for a simple introduction to the subject, but if you wish to go deeper I'll suggest taking a look at: Content Security Policy (CSP) on MDN Content Security Policy ...
Node.js