securityheaders.io

A quick way of testing for some fairly easy to fix security leakage from your server’s headers.

I say easy to fix, but I find the fix for public key-pins pant-shittingly intimidating.

Related links

GitHub’s CSP journey - GitHub Engineering

A step-by-step walkthrough of how GitHub has tweaked its Content Security Policy over time. There are some valuable insights here, and I’m really, really happy to see companies share this kind of information.