@sylvain Sounds very useful, specially the CSP.
Thanks for sharing.

@jlhertel You're Welcome 🙂

CSP is for sure a little bit hard to get it right, especially for content heavy websites, but it's, in my opinion, the easiest to secure a website against most client-side injections attacks and data exfiltration!

@sylvain indeed. Sad that is not widely used. I just recently got to know it from some security experts auditing an app I was touching.

Sign in to participate in the conversation
Mastodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!