#contentsecuritypolicy

ReconBee

@reconbee.bsky.social

3 months ago

Microsoft to Block Unauthorized Scripts in Entra ID Logins with 2026 CSP Update Microsoft trusted CDN domains read more about Microsoft to Block Unauthorized Scripts in Entra ID Logins with 2026 CSP Update

Microsoft to Block Unauthorized Scripts in Entra ID Logins with 2026 CSP Update reconbee.com/microsoft-to...

#microsoft #EntraID #contentsecuritypolicy #Microsoft365 #microsoft #cyberattack #CSP

Scott Keck-Warren

@scott.keck-warren.com

3 months ago

The Secret Header That Makes Your PHP App 10x More Secure | PHP Architect As developers in the year 2025, keeping our systems and applications secure is of the utmost importance. One of the most common ways that attackers can make our applications less secure is by using a…

My newest educational video on the #ContentSecurityPolicy is out on the @phparch #youtube channel. It's a powerful tool that can really increase the #security of your #SaaS applications.

#phpc #phparch

www.phparch.com/2025/11/the-...

Lukas Oldenburg

@lukasoldenburg.bsky.social

5 months ago

... The agency laments the new red tape & that they can no longer deploy tags themselves to the website through the TMS since a recent website migration. Fun fact: The whole thing would not load anyway because the #ContentSecurityPolicy blocks it, so they might as well go ahead and deploy it...🤣

Matthew Ulm

@mattulm.bsky.social

6 months ago

XSS – Cross-Site Scripting » tmack Cross-Site Scripting is a prevalent and dangerous vulnerability that can have serious consequences for web applications and their users. By understanding how XSS works and implementing effective prevention strategies, developers and security professionals can protect their applications and users from these types of attacks.

CSP helps define trusted content sources, mitigating the potential for malicious script execution.

1bluebass.com/2025/0...
Let's work together to enhance web security! 💻🔒
#WebSecurity #XSS #CyberSecurity #ContentSecurityPolicy

Tobias Asböck

@tasboeck.bsky.social

6 months ago

Why SharePoint admins should not ignore Content Security Policy violations Microsoft is introducing Content Security Policy (CSP) in SharePoint. While it’s currently in Report-only mode, enforcement will block untrusted scripts. SharePoint administrators should review violation reports now and prepare trusted sources before enabling CSP.

Microsoft is introducing Content Security Policy (CSP) in SharePoint. It's in report-only mode; enforcement will block untrusted scripts. #SharePoint #Security #MicrosoftPurview #ContentSecurityPolicy

Matthew Ulm

@mattulm.bsky.social

6 months ago

XSS – Cross-Site Scripting » tmack Cross-Site Scripting is a prevalent and dangerous vulnerability that can have serious consequences for web applications and their users. By understanding how XSS works and implementing effective prevention strategies, developers and security professionals can protect their applications and users from these types of attacks.

Implementing security measures such as Content Security Policy (CSP), input validation, and proper encoding of output can significantly reduce the risk of XSS attacks.
1bluebass.com/2025/0...
Let's work together to enhance web security!
#XSS #CyberSecurity #ContentSecurityPolicy

Matthew Ulm

@mattulm.bsky.social

6 months ago

XSS – Cross-Site Scripting » tmack Cross-Site Scripting is a prevalent and dangerous vulnerability that can have serious consequences for web applications and their users. By understanding how XSS works and implementing effective prevention strategies, developers and security professionals can protect their applications and users from these types of attacks.

Impact: A successful XSS attack can result in significant damage, including loss of sensitive information and a tarnished reputation for businesses.

1bluebass.com/2025/0...
Let's work together to enhance web security!
#WebSecurity #XSS #CyberSecurity #ContentSecurityPolicy

Matthew Ulm

@mattulm.bsky.social

6 months ago

XSS – Cross-Site Scripting » tmack Cross-Site Scripting is a prevalent and dangerous vulnerability that can have serious consequences for web applications and their users. By understanding how XSS works and implementing effective prevention strategies, developers and security professionals can protect their applications and users from these types of attacks.

Types of XSS: There are three main types—Stored, Reflected, and DOM-based.

1bluebass.com/2025/0...
Let's work together to enhance web security! 💻🔒
#WebSecurity #XSS #CyberSecurity #WebDevelopment #ContentSecurityPolicy

Wolfgang Wagner

@wwagner.net

9 months ago

Neu im Forum:

CSP Problem mit Matomo

t3forum.net/d/899-csp-pr...

#t3academyforum #matomo #contentsecuritypolicy

PreviousNext

@previousnext.com.au

10 months ago

Blog post: Everything you need to know about Content Security Policy (CSP) Interested in learning how to build, implement and analyse a Content Security Policy? Michael shares some critical insights and lessons learned from a large government website built on Drupal.

By the end of this video, you’ll understand how to start building your Content Security Policy, as well as the tools needed to analyse its effectiveness before deployment to production. #DrupalSouth #DrupalPresentation #DrupalConference #ContentSecurityPolicy

PreviousNext

@previousnext.com.au

1 year ago

Adding a CSP to an existing site can be hard, but if you enable it as early and strictly as possible, it's much easier. #drupalsouth #contentsecuritypolicy

PreviousNext

@previousnext.com.au

1 year ago

It's quite alarming to see the sheer number of browser extensions and tracking scripts injecting content in the sites you visit. Find out which one is trying to access your data on localhost. #drupalsouth #contentsecuritypolicy

PreviousNext

@previousnext.com.au

1 year ago

Allowing 'unsafe-inline' scripts can make your Content Security Policy simple, but it is discouraged as it makes you vulnerable to XSS attacks. #drupalsouth #contentsecuritypolicy

PreviousNext

@previousnext.com.au

1 year ago

A hard-coded policy is not dynamic enough for Drupal's needs, particularly with Google Tag Manager. Don’t panic, though! Michael is demonstrating how to resolve that. #drupalsouth #contentsecuritypolicy

PreviousNext

@previousnext.com.au

1 year ago

Oh my! Michael Strelan presents everything you need to know about Content Security Policy (CSP) at 10.50 am in Cinema 2. #DrupalSouth #Melbourne #ContentSecurityPolicy

Wolfgang Wagner

@wwagner.net

1 year ago

Neu im Forum:

CSP für externe Scripte

buff.ly/h6ZnOsB

#t3academyforum #ContentSecurityPolicy #ExterneScripte

Lukas Oldenburg

@lukasoldenburg.bsky.social

1 year ago

a man is covering his face with his hand and saying `` seriously '' . ALT: a man is covering his face with his hand and saying `` seriously '' .

Each week, fun w/ #ContentSecurityPolicy aka "the security thing everyone starts w/o a proper process in place to then waste insane resources". A client who just recently was super-strict and had individual rules for each pixel URL, suddenly has NO CSP at all anymore. And ofc, nobody noticed. #fail

KindSpells Labs

@kindspells.bsky.social

2 years ago

Our first #OpenSource release since our company was legally constituted. Not a big deal, but sort of a milestone :D.

A package to improve the security of your Astro site against XSS attacks:
www.npmjs.com/package/@kin...

#Astrobuild #WithAstro #ContentSecurityPolicy #SubresourceIntegrity

Eric Harrer

@eric-harrer.de

2 years ago

This is a great article to familiarize yourself with the Content Security Policy (#CSP) security concept. Many thanks to #b13 for sharing the well-founded information. #TYPO3 #CyberSecurity #ContentSecurityPolicy
b13.com/blog/introdu...

Lukas Oldenburg

@lukasoldenburg.bsky.social

2 years ago

Still too many companies don’t have their #ContentSecurityPolicy under control. I earn way too much just because CSPs suddenly start blocking sth, because stuff is introduced without thinking about #CSP first. CSPs are a big money dump this way.