This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Test Content Security Policy (OTG-CONFIG-008)"
From OWASP
(Created page with "{{Template:OWASP Testing Guide v4}} == Brief Summary == <br> ..here: we describe in "natural language" what we want to test. <br> == Description of the Issue == <br> ...her...") |
|||
| (2 intermediate revisions by the same user not shown) | |||
| Line 4: | Line 4: | ||
== Brief Summary == | == Brief Summary == | ||
<br> | <br> | ||
| − | + | Content Security Policy (CSP) is an W3C specification instructs the client browser (using a directive) from which location and/or which type of resources are allowed to be loaded. | |
<br> | <br> | ||
== Description of the Issue == | == Description of the Issue == | ||
| Line 16: | Line 16: | ||
...<br><br> | ...<br><br> | ||
== References == | == References == | ||
| + | [https://www.owasp.org/index.php/List_of_useful_HTTP_headers OWASP List of useful HTTP headers] | ||
| + | |||
'''Whitepapers'''<br> | '''Whitepapers'''<br> | ||
...<br> | ...<br> | ||
'''Tools'''<br> | '''Tools'''<br> | ||
...<br> | ...<br> | ||
Latest revision as of 22:39, 20 November 2013
This article is part of the new OWASP Testing Guide v4.
Back to the OWASP Testing Guide v4 ToC: https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents Back to the OWASP Testing Guide Project: https://www.owasp.org/index.php/OWASP_Testing_Project
Brief Summary
Content Security Policy (CSP) is an W3C specification instructs the client browser (using a directive) from which location and/or which type of resources are allowed to be loaded.
Description of the Issue
...here: Short Description of the Issue: Topic and Explanation
Black Box testing and example
Testing for Topic X vulnerabilities:
...
Result Expected:
...
References
OWASP List of useful HTTP headers
Whitepapers
...
Tools
...
