Tag: CSP

Total 32 Posts

Launching Report URI JS

The most common way to set a Content Security Policy on your site is to deliver it as a HTTP response header, but that's not always possible. On hosted platforms like GitHub Pages, Ghost Pro or WordPress it's not always easy or even possible to set a HTTP response header.…

Continue Reading

Malware hunting with CSP

I recently had some great fun using CSP in a way that I've been really excited to talk about. We are starting to utilise the full power of CSP reports to find a way to hunt down malware infected endpoints on a corporate network! Building on previous work I have…

Continue Reading