I found this video a while ago and saved it. This is fundamental for websites and web applications to mitigate XSS attacks. I came across a 'trusted scripts assignment' error in the console, and after a ton of research I've started implementing a CSP header (you can also use the meta tag to set a CSP), but I still needed more info so I came back here. Thanks for taking time to make this video, Abhay. I can see that you've gone to some lengths to hide personal info before uploading the video, so it's really appreciated and it's going to help a lot.
Pls clarify: how do we manage this CSP in an SPA (single page application)? In my case it is React JS.
3 years ago
You explained it very well. The concept is clear to me. But how do I get my JavaScript loaded without errors? I have very little knowledge of Java and have played with it a bit. I found which files are causing the errors, but how do I correct this? Where do I inject the nonce or hash code in my files, or remove the errors in my javascripts?
Hey Ashish, quick question. If I have 'connect-src *' but have explicitly limited script-src and all other derivatives to a particular domain, how much of a threat is it?
This is one of the best videos I have ever seen on any topic.
Thank you
Abhay, this is one of the best presentations. This whole video is able to maintain the curiosity. Thanks a lot.
Thank you very much for your compliments :)
Thanks for this excellent deep-dive into CSP!
Great content, learnt a valuable lesson from you as a web developer.
It was a very professional presentation.. I especially liked the courtesy links that you have posted towards the end ... 👍🏻
Thank you!
This is a very perspicuous explanation/ intro into CSP! Thanks!
Thank you!
Great n unique way of explanation sir.
Waiting to learn more concepts 👌👌
Thank you!
Very Well explained, the details you go into are very helpful
07:37 set by the (Application) server 08:19 my web server would indicate to the browser via an HTTP header, from the same origin server
Thanks for the information, explanation and your time!!!
Thanks :)
This is best video for learning CSP
great explanation... good luck Abhay
Nice explanation..
I see very few videos in your video channel. Why?
Awesome information - really clear - thanks!
Thank you!
Thank you for the detailed explanation.
Thank you
Wow bro, it's an awesome explanation, thanks for this, and your English pronunciation is amazing.
Thank you Samuel :)
A great presentation! Loved it.
Thank you
very thorough, thanks for the demo!
presentation was very neat and good. Very much helpful
Thank you!
This video is gold.
Thank you :)
Excellent Explanation
Awesome explanation, sir, great 👍
Thank you!
Dude, This is good
Thanks mate
Very informative Video, One request please share link to the source code of the application...
I finally get it. Thanks!
Glad you found it useful
Great video
Thank you!
Nice Presentation!
Thank you!
Much appreciated. thanks.
Willing to talk to you around some appsec problems that I want to solve for my company.
Kindly accept my invite on LinkedIn