What if we could stop worrying about XSS vulnerabilities once and for all? What if we could just build our apps without having to think about the user content trying to execute malicious code on our website stealing our customers' payment data or even stealing access to some admin areas and potentially delivering even more damage?
Well, Content Security Policy can provide us with that. We'll take a look at what it is, at its stable features, experimental features and examples of what it can look like on a large website.
Check out the speaker's material: