Archives for the Date June 23rd, 2009

CSP – Mozilla content security policy

This is my cup of tea, a whole new way to prevent XSS and related attacks. I’ve been looking at the specification and I like the core of the policy preventing external scripts, eval etc. But reading it I started to think of ways around it because it’s fun 🙂 Meta tag The meta tag […]