Content Security Policy Bypass: Exploiting Misconfigurations

Content Security Policy (CSP) is designed to help mitigate content injection attacks such as XSS. While it can be helpful as part of a defense-in-depth strategy, misconfigured policies may be bypassed, especially when CSP is used as the sole defensive mechanism. Content Security Policy configurations can be...
James Casteel
July 15, 2021
