Dealing with user uploaded files
Reduce the attack vector greatly by limiting the permissions that an evil crafted file submitted by a hacker has
Source: chloe.re
Note that a fight against a browser is practically impossible to win and these methods are nothing more than a second layer of security that may only help. However, many (most) of the extensions don’t know about these methods, so they don’t have a workaround. I would still say that these methods are highly recommended and should be considered best practice.
Source: chloe.re
This article will briefly describe two new headers. We will discuss their functionality, how they can protect the user, and finally some considerations.
Source: chloe.re
It’s very important that you have a policy both in your response headers and in your HTML
Source: chloe.re
CSP is a great invention, but it can still be implemented poorly and not give its intended protection. What’s more, CSP can protect against more than just XSS if you customize the policy according to your website’s attack surface.
Source: www.chloe.re