W3C home > Mailing lists > Public > public-webappsec@w3.org > January 2014

Re: CSP Transition Tools

From: John Wong <gokoproject@gmail.com>
Date: Mon, 13 Jan 2014 20:59:43 -0500
Message-ID: <CACCLA54Nvy=Ly+vTAZQ56fPZbed0-KX4Ei5aZVAX45CygSVjnw@mail.gmail.com>
To: Garrett Robinson <grobinson@mozilla.com>
Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>
This talk was given in this year's AppSec USA. Might be useful.
The deck should be here:

On Mon, Jan 13, 2014 at 5:26 PM, Garrett Robinson <grobinson@mozilla.com>wrote:

> Hey webappsec!
> I'm working on encouraging some large site operators to transition to
> using CSP. As we know, the process of transitioning is not easy,
> especially on large, established sites with lots of inline code. I want
> to give them some advice about techniques and tools they can use to make
> this process easier.
> If you've transitioned a site (especially a large and/or complex one) to
> use CSP, please consider sharing your process, tools, and any lessons
> learned! I'd love to build an inventory that we could maybe turn into a
> document to help site operators transition.
> -Garrett
Received on Tuesday, 14 January 2014 02:00:11 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:37 UTC