User:BWolff (WMF)/CSP/1

What is it?
"Content Security Policy".

What does that actually mean?
Its a web browser feature that disables certain browser features that are commonly used in exploiting security vulnerabilities, particularly XSS (Cross-site scripting) type vulnerabilities.

In mediawiki this can be used to help lock down your MediaWiki, so even if you install an extension with a bug in it, your wiki would still be safe*

* For some types of vulnerabilities.

next