Pablo's SPOT

How to implement Content Security Policy on scripts - Infrastructure approach vs HTML code approach

Nov 21, 202310:40 PM

Overview

This is the first episode on a series of implementing Content Security Policy on web applications. This episode covers the implementation of script source policy. It provides a walk through of implementing the protection through infrastructure resource (e.g. AWS Cloudfront) and through META tags in HTML code.

References

Setting up website with Cloudfront and S3 bucket
Cloudfront Functions
Cloudfront with Lambda Edge
Cloudfront Security Response Headers
Cloudfront as Web Proxy

Tags:
implementing-content-security-policy

Recommended book references

Click on book reference to open product details in Amazon website.

Pablo's SPOT

How to implement Content Security Policy on scripts - Infrastructure approach vs HTML code approach

Overview

References

Recommended book references

Web Application Security: Exploitation and Countermeasures for Modern Web Applications

Web Application Security, A Beginner's Guide

The DevOps Handbook