public marks

PUBLIC MARKS with tag "cross-site scripting"


An Introduction to Content Security Policy - HTML5 Rocks

by dzc
Instead of blindly trusting everything that a server delivers, CSP defines the Content-Security-Policy HTTP header that allows you to create a whitelist of sources of trusted content, and instructs the browser to only execute or render resources from those sources. Even if an attacker can find a hole through which to inject script, the script won’t match the whitelist, and therefore won’t be executed.



PHP CSRF protection class

by Xavier Lacot & 1 other
This class adds CSRF protection to existing PHP applications that make use of PHP's session support for authentication. If you are writing an application from scratch you shouldn't use this; it's designed to protect legacy apps that were not built with CSRF in mind.


sfCSRFPlugin - symfony

by Xavier Lacot
The sfCSRFPlugin plugin provides protection against Cross Site Request Forgeries.

PUBLIC TAGS related to tag "cross-site scripting"

conception web +   Content Security Policy +   csp +   csrf +   firefox +   framework +   html5 +   HTTP CSP +   javascript +   navigateur web +   à surveiller +   php +   plugin +   protection +   securité site web +   security +   sécurité +   symfony +   xss +   XSS attacks +  

Active users

last mark : 02/09/2014 11:02

Xavier Lacot
last mark : 25/09/2008 12:33