Rudra
Rudra's blog

Content security ( CSP )

Rudra
·May 1, 2022·



Content Security Policy (CSP)

CSP is a layer of security that helps prevent certain types of attacks, including Cross-Site Scripting (XSS) and data injection attacks. These attacks are used to deface websites and steal data.

CSP is designed to be fully backward compatible.

How to use

There are two ways to use CSP. The first is to set the Content-Security-Policy HTTP response header; the second is to place a <meta> element in the HTML <head>.

Header Example:

<?php
    header("Content-Security-Policy: default-src 'self'");
?>

HTML Example:

<meta http-equiv="Content-Security-Policy"
      content="default-src 'self'; img-src https://*; child-src 'none';">
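
As an added example (not code from the original post), the Python sketch below parses a policy string into directives, shows which directive ends up governing each fetch type through the default-src fallback, and flags the directives (frame-ancestors, report-uri, sandbox) that browsers ignore when a policy is delivered through a <meta> element. The function names and CONSTRUCTED_POLICY are assumptions made up for illustration; the other two policies are the ones shown above.

```python
# Added example: resolve which CSP directive governs each fetch type and
# flag directives that are ignored when the policy is sent via <meta>.

# Directives browsers ignore in a <meta http-equiv> policy.
META_IGNORED = {"frame-ancestors", "report-uri", "sandbox"}

# Fallback chains that differ from the plain "use default-src" rule.
FALLBACK = {
    "frame-src": ["child-src", "default-src"],
    "worker-src": ["child-src", "script-src", "default-src"],
}
FETCH_DIRECTIVES = ["script-src", "style-src", "img-src", "font-src",
                    "connect-src", "media-src", "object-src", "child-src",
                    "frame-src", "worker-src"]

# The two policies from the post, plus one constructed sample.
HEADER_POLICY = "default-src 'self'"
META_POLICY = "default-src 'self'; img-src https://*; child-src 'none';"
CONSTRUCTED_POLICY = "default-src 'self'; frame-ancestors 'none'"

def parse_policy(policy):
    """Split a policy into {directive: [sources]}; the first duplicate wins."""
    directives = {}
    for part in policy.split(";"):
        tokens = part.split()
        if tokens:
            directives.setdefault(tokens[0].lower(), tokens[1:])
    return directives

def effective_sources(directives, fetch_directive):
    """Return (governing directive, sources), or (None, []) if unrestricted."""
    chain = [fetch_directive] + FALLBACK.get(fetch_directive, ["default-src"])
    for name in chain:
        if name in directives:
            return name, directives[name]
    return None, []

def audit(policy, delivery="header"):
    """Map every fetch directive to its governing rule; list ignored ones."""
    directives = parse_policy(policy)
    report = {f: effective_sources(directives, f) for f in FETCH_DIRECTIVES}
    ignored = sorted(META_IGNORED & directives.keys()) if delivery == "meta" else []
    return report, ignored

if __name__ == "__main__":
    report, _ = audit(META_POLICY, "meta")
    for fetch, (governed_by, sources) in report.items():
        print(f"{fetch:12} <- {governed_by}: {' '.join(sources)}")
    print("ignored in <meta>:", audit(CONSTRUCTED_POLICY, "meta")[1])
```

Running it on the <meta> policy shows that scripts and styles are still limited to 'self' through default-src, while frames and workers inherit 'none' from child-src.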
 