Security/CSP/Deploying

From MozillaWiki

< Security‎ | CSP

Revision as of 18:58, 2 July 2009 by Sidstamm (talk | contribs) (Created page with '=Deploying CSP on a Site= In this article, we'll recommend steps that can be taken to modify a web site so that it will support CSP base restrictions. We will also explain how ...')

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

Deploying CSP on a Site

In this article, we'll recommend steps that can be taken to modify a web site so that it will support CSP base restrictions. We will also explain how to craft a CSP policy for a site that will provide a maximum amount of protection.

Supporting CSP base restrictions

Removing Inline Scripts

Removing "eval()"-like features

Often Misused Feature Clean up

data: URIs
XBL bindings

Writing an effective policy

Retrieved from "https://wiki.mozilla.org/index.php?title=Security/CSP/Deploying&oldid=153268"