Content Security Policy

Premium room

In this room you'll learn what CSP is, what it's used for and how to recognize vulnerabilities in a CSP header.

Difficulty: medium. Estimated time: 75 min.


Welcome to the room! In this room, you'll learn what CSP is, what it's used for, and how to exploit a flawed configuration. If you don't know what XSS (cross-site scripting) is, I would recommend checking out the room covering it first, as you'll need some experience with XSS.

What is CSP?

Content Security Policy, or CSP, is a policy usually sent in an HTTP response header from the web server to your browser when you request a page. It describes which sources of content (scripts, objects, images, frames and so on) the browser should allow to load, and which it should block. If an XSS or data injection vulnerability exists in a website, CSP is designed to limit what an attacker can do with it until it's properly patched. It should serve as an extra layer of protection, not as your only line of defense.

A policy can also be included within the page's HTML source code, using the <meta> tag, such as this:
<meta http-equiv="Content-Security-Policy" content="script-src 'none'; object-src 'none';">


How can CSP be bypassed?

If you've found an XSS vulnerability in a website but can't get your injected code to run, the site's CSP may be blocking it. What you'll need to do is read the policy sent by the server and look for flaws in it: a source list that is too broad, an 'unsafe-inline' keyword, a missing directive that falls back to a permissive default, or an allowed origin you can serve a payload from. Any of these may let you inject and execute your payload despite the policy.
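The policy format described above, and the kind of review this section asks for, as an added example (this is not code from the room or from TryHackMe): a small Node.js script that parses a Content-Security-Policy header value into its directives, applies the default-src fallback, and flags the source-list weaknesses a tester looks for when an XSS payload is being blocked. The function names (parseCsp, effectiveSources, auditCsp) and the two sample policies are assumptions constructed for this example; they do not come from any real site.

```javascript
// Added example, not from the room: parse a CSP policy string and flag
// weaknesses that commonly let an injected script through.
// Function names and sample policies are constructed for this example.

// Parse "directive src src; directive src" into a Map of name -> [sources].
function parseCsp(policy) {
  const directives = new Map();
  for (const raw of policy.split(';')) {
    const tokens = raw.trim().split(/\s+/).filter(Boolean);
    if (tokens.length === 0) continue;
    const name = tokens[0].toLowerCase();
    // Browsers honour the first occurrence of a directive and ignore repeats.
    if (!directives.has(name)) directives.set(name, tokens.slice(1));
  }
  return directives;
}

// Fetch directives such as script-src and object-src fall back to
// default-src when they are not set explicitly.
function effectiveSources(directives, name) {
  if (directives.has(name)) return directives.get(name);
  if (directives.has('default-src')) return directives.get('default-src');
  return null; // no directive at all: nothing is restricted
}

// Return a list of human-readable findings; an empty list means nothing
// obvious was found (it does not prove the policy is sound).
function auditCsp(policy) {
  const d = parseCsp(policy);
  const findings = [];

  const script = effectiveSources(d, 'script-src');
  if (script === null) {
    findings.push('script-src: missing and no default-src, any script runs');
  } else {
    const low = script.map((s) => s.toLowerCase());
    // A nonce or hash in the list makes browsers ignore 'unsafe-inline'.
    const hasNonceOrHash = low.some((s) => /^'(nonce-|sha(256|384|512)-)/.test(s));
    if (low.includes("'unsafe-inline'") && !hasNonceOrHash) {
      findings.push("script-src: 'unsafe-inline' without nonce/hash, injected inline <script> and event handlers run");
    }
    if (low.includes("'unsafe-eval'")) {
      findings.push("script-src: 'unsafe-eval' lets eval()/Function() run attacker-controlled strings");
    }
    if (low.includes('*')) {
      findings.push('script-src: wildcard * allows scripts from any origin');
    }
    for (const s of low) {
      if (/^(https?|data|blob|filesystem):$/.test(s)) {
        findings.push(`script-src: scheme source ${s} allows any host on that scheme`);
      }
      if (/^\*\./.test(s) || /^https?:\/\/\*\./.test(s)) {
        findings.push(`script-src: wildcard host ${s}, check every subdomain for JSONP endpoints or user uploads`);
      }
    }
  }

  const object = effectiveSources(d, 'object-src');
  if (object === null || !object.map((s) => s.toLowerCase()).includes("'none'")) {
    findings.push("object-src: not 'none', an injected <object>/<embed> can load a plugin payload");
  }
  return findings;
}

// Constructed sample policies for demonstration (not from any real site).
const WEAK_POLICY =
  "default-src 'self'; script-src 'self' 'unsafe-inline' https://*.cdn.example; object-src *";
const STRICT_POLICY =
  "default-src 'none'; script-src 'nonce-r4nd0m' 'strict-dynamic'; object-src 'none'; base-uri 'none'";

console.log(auditCsp(WEAK_POLICY));   // three findings
console.log(auditCsp(STRICT_POLICY)); // []
```

Run it with `node csp-audit.js` after pasting the header value you captured from the response (or the content attribute of the <meta> tag) into WEAK_POLICY. The checks are deliberately conservative: a clean result only means none of the listed patterns is present, and a host allowed by 'self' or by an explicit origin can still be abused if it serves JSONP or lets users upload files, which is the next thing to look at by hand.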

Answer the questions below
What does CSP stand for?

CSP is designed to add an additional layer of protection against the exploitation of what vulnerability?

In which part of the HTTP response does the server usually send the policy to the client?
