Over a million developers have joined DZone.

Explanation and Demo of the Content Security Policy (CSP) [Video]

DZone's Guide to

Explanation and Demo of the Content Security Policy (CSP) [Video]

In this video, a security researcher shows us how to work with CSP to keep our sites free of vulnerabilities, such as XSS.

· Security Zone ·
Free Resource

Discover how to provide active runtime protection for your web applications from known and unknown vulnerabilities including Remote Code Execution Attacks.

Scanning a web application for vulnerabilities and ensuring it is secure is certainly a good thing to do. Though there are other things you can leverage to improve the security posture of your web applications, such as Content Security Policy (CSP).

Watch our security researcher Sven Morgenroth deliver a presentation and demo about CSP during episode #536 of Paul's Security Weekly. During the podcast Sven:

  • Explains what CSP is.
  • Explains some CSP directives and how to use them.
  • Shows some of the most common mistakes one can make when configuring CSP.
  • Explains how CSP helps in preventing Cross-site Scripting vulnerabilities on your web applications.

During the podcast, Sven also makes a demo and shows the effect Content Security Policy directives have when used to protect a web application and also highlights some best practices. 

Find out how Waratek’s award-winning application security platform can improve the security of your new and legacy applications and platforms with no false positives, code changes or slowing your application.

content security policy ,csp ,security ,cross-site scripting

Published at DZone with permission of

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}