Content Security Policy (CSP)

Références

• Content-Security-Policy: misconfigurations and bypasses
• Plugin Burp: CSP-Bypass
• Collection of CSP bypasses: liste de contournement de CSP-nonce.
• So we broke all CSPs …
• GitHub’s post-CSP journey
• CSP Evaluator