#csp

TITech Insights Hubtopperblog.hashnode.dev

Secure Headers: HSTS CSP X-Frame-Options

Why Traditional Security Header Approaches Fail in 2025 The security header landscape has fundamentally shifted. Five years ago, adding a basic CSP directive and enabling HSTS seemed sufficient. Today's reality involves complex single-page applicatio...

Feb 129 min read

TITech Insights Hubtopperblog.hashnode.dev

Security Headers: Content-Security-Policy

Why Traditional CSP Approaches Fail in Modern Applications Legacy CSP implementations relied heavily on domain whitelisting, where developers would enumerate trusted domains in their policy directives. This approach breaks down in contemporary archit...

Feb 1210 min read

TITech Insights Hubtopperblog.hashnode.dev

XSS Attack Prevention: Content Security Policy

Why Traditional XSS Prevention Fails in Modern Applications Traditional XSS prevention relied heavily on server-side input sanitization and HTML entity encoding. This approach breaks down in 2025's application landscape for several critical reasons. ...

Feb 129 min read

TATousif Ahmedvulnerability-lens.hashnode.dev

Cross-Site Scripting (XSS)

A defence-first guide to Cross-Site Scripting: learn types of XSS, how attackers think conceptually, safe vulnerable-pattern examples and secure fixes, plus practical Content Security Policy guidance and detection strategies. Introduction Cross-Site ...

Sep 19, 20256 min read

NRNeelesh Royweekly-frontend-articles.hashnode.dev

The Dark Side of Microfrontends: Isolated Apps, Shared Breaches

TL;DR RiskWhy It MattersMitigation Shared Global ScopeOne XSS = all apps exposedNo window state, strict scoping Token LeakageSession hijackUse secure cookies, avoid localStorage Inconsistent HeadersWeakest link attackEnforce CSP & headers pe...

Jul 25, 20254 min read

ARAshish Ranjanvaptinsights.com

How to Add a Content Security Policy (CSP) in a Next.js App: Secure Your Web Application with Ease

Table of Contents What is a Content Security Policy (CSP)? Why Use a CSP in Your Next.js App? How to Add a Content Security Policy (CSP) in a Next.js App Step 1: Define Your CSP Step 2: Update next.config.js Testing Your Content Security Poli...

May 3, 20254 min read

UPUmesh Panditumeshpandit.com

The Hidden Risks of Relying on a CSP for Your Azure Infrastructure

Many companies use cloud platforms to run their systems and store data. These services help reduce costs and improve flexibility. However the way your system is set up in the cloud can affect your control, access, and security. One of the most common...

Mar 30, 20254 min read

PDPavlo Datsiukpavlodatsiuk.hashnode.dev

CSP: Using Trusted Types Policies for Enhanced Web Security

Modern web applications must guard against cross-site scripting (XSS) and similar injection attacks. Trusted Types is a browser feature designed to enforce strict handling of sensitive data—such as script URLs and HTML—by only allowing values that ha...

Feb 28, 20256 min read

LQLe Quoc Cuongnospaceavailable.hashnode.dev

Comment trong HTML, <script> tag và một kỹ thuật CSP bypass để tấn công XSS

Ngôn ngữ HTML được đặc trưng bởi các HTML tag và các thuộc tính (attributes) của mỗi tag. Trong bài viết này, chúng ta sẽ tìm hiểu về tag <script> trong HTML và một số hành vi mà mình cho là khá thú vị khi mà HTML parser và Javascript parser cùng hoạ...

Sep 16, 202410 min read

NBNile Bitsnilebits.hashnode.dev

Implementing Clickjacking Defense Techniques in JavaScript

The emergence of sophisticated assaults like clickjacking has made security a primary issue in today's online world. By deceiving consumers into clicking on something that differs from what they initially see, attackers deploy a nefarious method call...

Sep 15, 20246 min read

Tag feed

Tag feed

#csp

Secure Headers: HSTS CSP X-Frame-Options

Security Headers: Content-Security-Policy

XSS Attack Prevention: Content Security Policy

Cross-Site Scripting (XSS)

The Dark Side of Microfrontends: Isolated Apps, Shared Breaches

How to Add a Content Security Policy (CSP) in a Next.js App: Secure Your Web Application with Ease

The Hidden Risks of Relying on a CSP for Your Azure Infrastructure

CSP: Using Trusted Types Policies for Enhanced Web Security

Comment trong HTML, <script> tag và một kỹ thuật CSP bypass để tấn công XSS

Implementing Clickjacking Defense Techniques in JavaScript

#csp

Search Hashnode

#csp

Secure Headers: HSTS CSP X-Frame-Options

Security Headers: Content-Security-Policy

XSS Attack Prevention: Content Security Policy

Cross-Site Scripting (XSS)

The Dark Side of Microfrontends: Isolated Apps, Shared Breaches

How to Add a Content Security Policy (CSP) in a Next.js App: Secure Your Web Application with Ease

The Hidden Risks of Relying on a CSP for Your Azure Infrastructure

CSP: Using Trusted Types Policies for Enhanced Web Security

Comment trong HTML, <script> tag và một kỹ thuật CSP bypass để tấn công XSS

Implementing Clickjacking Defense Techniques in JavaScript