Defeating Cross-Site Scripting with Content Security Policy (updated)

by Francois Marier

Published January 29, 2013 in Programming

How a new HTTP response header can help increase the depth of your web application defenses.

Also includes a few slides on HTTP Strict Transport Security, a header that helps protect HTTPS sites from sslstrip attacks.