- From: Jim Manico <jim.manico@owasp.org>
- Date: Sat, 3 Jan 2015 10:55:34 -1000
- To: Craig Francis <craig.francis@gmail.com>
- Cc: Jiri Danek <softwaredevjirka@gmail.com>, "mozilla-dev-security@lists.mozilla.org" <mozilla-dev-security@lists.mozilla.org>, "public-webappsec@w3.org" <public-webappsec@w3.org>, security-dev <security-dev@chromium.org>, blink-dev <blink-dev@chromium.org>
> It's one of the reasons I'm really pushing for a security tab in the web dev tools, to help with education and usage of the features that are available... i.e. have you tried implementing a CSP header before? it's good fun :-) Cool. I'm running CSP on several of my sites. Easy to set up for new development, lots of tools out there to make it easier. script hashing and script noncing are awesome. I can even easily protect inline scripts now... Building complex websites is very tough. Security is just another engineering task... :) -- Jim Manico @Manicode (808) 652-3805 > On Jan 3, 2015, at 2:21 AM, Craig Francis <craig.francis@gmail.com> wrote: > > It's one of the reasons I'm really pushing for a security tab in the web dev tools, to help with education and usage of the features that are available... i.e. have you tried implementing a CSP header before? it's good fun :-)
Received on Saturday, 3 January 2015 20:56:04 UTC