20th*, 21st & 22nd February 2019 info@phpconference.co.uk @phpukconference

Video archive

Content Security Policy to the Rescue

Video details

Speaker: Dheeraj Joshi
Length: 40:27


Developing web applications with security in mind is very much important in today’s world with the increase in online attacks and fraud. Content Security Policy is a defense-in-depth mechanism which can help in mitigating Cross-Site Scripting vulnerabilities. In this talk, we’ll see a live demo of an intentionally vulnerable web application and how Content Security Policy can prevent attacks. I’ll also talk about some success stories where companies successfully deployed CSP. We’ll discuss some common bypasses available for CSP and how CSP can be used to prevent other sets of issues like clickjacking, HTTPS migration, secure form submissions.

Stay up-to-date with PHP UK

Enter your email address to join the PHP UK Conference mailing list and be the first to hear our latest news and announcements.