Javascript whitelisting
After last post on browser based security, a few people asked how CSP works. Basically, it is a contract between a web server and the client (i.e. the browser). The browser (being a client) is basically executing everything send to it by the web server. This is very risky when the web server is comprised (that is what happen […]
Javascript whitelisting Read More »