Blogmarks.net is a social bookmarking service.

Founded in late 2003 and heartquartered in France, we are non-profit and independant.

We believe in the open web, think internet services should be sustainable, build for the long term.

While we are re-launching the service, we only accept new members through invitation.

PUBLIC MARKS with tags "securité site web" & "Content Security Policy"

2014

An Introduction to Content Security Policy - HTML5 Rocks

by dzc

Instead of blindly trusting everything that a server delivers, CSP defines the Content-Security-Policy HTTP header that allows you to create a whitelist of sources of trusted content, and instructs the browser to only execute or render resources from those sources. Even if an attacker can find a hole through which to inject script, the script won’t match the whitelist, and therefore won’t be executed.

html5 XSS attacks navigateur web csp HTTP CSP Content Security Policy security securité site web cross-site scripting