Content Security Policy in ASP.NET MVC - Scripts

added by Tomasz Pęczek
8/1/2015 7:51:55 PM

401 Views

Content Security Policy Level 2 specification defines a mechanism for providing policies around sources from which the application will be loading resources. This allows for better protection against many different injection vulnerabilities. In this post I'm going to show how you can use it with ASP.NET MVC in order to mitigate cross-site scripting (XSS) attacks by defining trusted sources for running scripts.


0 comments