Mitigating Cross-Site Scripting Attacks with a Content Security Policy

   December 11, 2017    Comments Off on Mitigating Cross-Site Scripting Attacks with a Content Security Policy    Posted in: IEEE 2017, Java

Mitigating Cross-Site Scripting Attacks with a Content Security Policy

Abstract

A content security policy (CSP) can help Web application developers and server administrators better control website content and avoid vulnerabilities to cross-site scripting (XSS). In experiments with a prototype website, the authors’ CSP implementation successfully mitigated all XSS attack types in four popular browsers.

  

Comments are closed.