A relatively new feature in browsers, Content Security Policy is a tool that protects your web application against Cross-Site Scripting (XSS) vulnerabilities. By declaring to the browser the location where scripts and other resources are supposed to come from, the browser knows to block resources coming from anywhere else.
Videos & Talks
DjangoCon 2014 – Practical Django Security
Web application security is an ever present problem. The “don’t trust user input” mantra sounds nice but doesn’t practically work. In this talk we will go over introduce and apply a set of practical programming paradigms that you can use to write secure code.