User:BWolff (WMF)/CSP/1

From mediawiki.org

CSP

For context, these are slides from a presentation I gave at EMWCon 2019. My laptop couldn't connect to the projector so I quickly copied and pasted to the wiki, so the slides might not be exactly perfect.

What is it?

"Content Security Policy".

What does that actually mean?

It's a web browser feature that disables certain browser features that are commonly used in exploiting security vulnerabilities, particularly XSS (cross-site scripting) vulnerabilities.

In MediaWiki, this can be used to help lock down your wiki, so even if you install an extension with a bug in it, your wiki would still be safe*

*For some types of vulnerabilities.
