Security/CSP/RelevantLinks

From MozillaWiki

< Security‎ | CSP

Jump to: navigation, search

Contents

1 Our Postings
2 Select Articles talking about CSP
3 Discussion Threads
4 Similar to CSP

Our Postings

30 June 2009: CSP With or Without Meta

19 June 2009: Shutting Down XSS with Content Security Policy

Security/CSP:Implementation

Security/CSP/Spec

Select Articles talking about CSP

3-October-09

TheRegister

says we're shepherding it through W3C...
is a bit skeptical, considers adoption of CSP a longshot

1-July-09

ha.ckers.org (RSnake)

29-June-09

Slashdot

Technology Review

25-June-09

Eric Lawrence, IE Blog

24-June-09

Softpedia

Heise online

23-June-09

Gareth Heyes

suggests disregarding meta tags when HTTP header is present
presents possible attack using E4X

22-June-09

Sean Michael Kerner, Internet News

Calls for support of X-FRAME-OPTIONS

Ryan Naraine, ZDNet

Discussion Threads

WEBAPPSEC email thread

mozilla.dev.security: "content security policy" "csp"

Similar to CSP

"HTTP Immigration Control" (July 2008 Tech Report) : http://news.knownspace.org/cgi-bin/techreports/TRNNN.cgi?trnum=TR669

"Application Boundaries Enforcer (ABE)" (December 2008 Blog Post) : http://hackademix.net/2008/12/20/introducing-abe/

Retrieved from "https://wiki.mozilla.org/index.php?title=Security/CSP/RelevantLinks&oldid=173311"