If you've been reading this blog, you have already heard about Content Security Policy (CSP), a really powerful and important browser security policy, introduced a few years ago. However, if you have taken a stab at implementing a CSP policy for your application, you may have noticed that there are many hurdles to overcome, you may have sworn profusely, and you may even have kicked CSP out the door altogether. I totally get it, CSP is a really complex beast, and retrofitting CSP to an existing web application can be extremely painful. However, I'm asking you to give CSP another chance, and keep reading to discover how to deploy CSP step by step, and which tools you can use to ease the process.
Read More ›