openpolitics.com

Report URI: Content Security Policy, powerful monitoring and protection

With Content Security Policy, and reporting provided by Report URI, you can take full control of resources that are permitted to load on your site. Taking control of where JavaScript can be loaded and executed from is a powerful mitigation for one of the most common forms of attacks seen against web applications, Cross-Site Scripting (XSS).

KEY FEATURES
Whilst the main attraction to CSP is mitigating Cross-Site Scripting attacks, it has a lot more to offer. Here are just a few of the things that you can do with CSP:

• Detect mixed-content
• Control where forms can post data
• Restrict loading of any content type
• Automatically fix mixed-content
• Control nested browsing contexts
• Defend against click-jacking