Content Security Policy in your Rails apps in 30s

Content Security Policy (CSP) is an HTTP header that instructs the browser to limit loading of external assets, such as scripts, styles or media, to specific sources. It is intended to prevent wide categories of attacks, such as cross-site scripting (XSS), click-jacking and other code injection. This feature is powerful because it prevents many common attacks that target your users’ browsers.
We explain why Content Security Policy is complex to use and how Sqreen provides a powerful feature to easily add it to your applications.

Jean-Baptiste Aviat

July 05, 2016

Transcript

  1. Confidential & proprietary © Sqreen, 2015 sqreen.io Content Security Policy in your Rails apps in 30s
  2. Content Security Policy TL;DR
  3. Content Security Policy is ready to be used today
  4. Content Security Policy v2 is progressively supported
  5. Content Security Policy: Failure? Complex, error prone, can break anything between dev and prod
  6. <0.9% of websites using it. Fail?
  7. Yet, Content Security Policy is an awesome protection... XSS, click-jacking, code injection, rogue extensions
  8. Sqreen helps you set up and maintain your Content Security Policy
  9. Sqreen updates your Content Security Policy in 1-click
  10. Let's protect your Rails apps