Glossary of Security Terms: CSP

August 23rd 2020

@mozillaMozilla Contributors

Mozilla (stylized as moz://a) is a free software community founded in 1998 by members of Netscape.

A CSP (Content Security Policy) is used to detect and mitigate certain types of website related attacks like XSS and data injections.

The implementation is based on an HTTP header called

Content-Security-Policy

Learn more

General knowledge

• Content Security Policy on Wikipedia

Technical knowledge

• Content Security Policy documentation on MDN

 View Previous Terms:

• Block cipher mode of operation
• Certificate authority
• Challenge-response authentication
• Cipher
• Cipher suite
• Ciphertext
• CORS
• CORS-safelisted request header
• CORS-safelisted response header
• Cross-site scripting
• Cryptanalysis
• Cryptographic hash function
• Cryptography
• CSRF
• Decryption
• Digital certificate
• DTLS (Datagram Transport Layer Security)
• Encryption
• Forbidden header name
• Forbidden response header name
• Hash
• HMAC
• HPKP
• HSTS
• HTTPS
• Key
• MitM
• OWASP
• Preflight request
• Public-key cryptography
• Reporting directive
• Robots.txt
• Same-origin policy
• Session Hijacking
• SQL Injection
• Symmetric-key cryptography
• TOFU
• Transport Layer Security (TLS)

Credits

• Source: https://developer.mozilla.org/en-US/docs/Glossary/CSP
• Published under Open CC Attribution ShareAlike 3.0 license

Related

Never get a boring domain. Get .Tech!

Visit Radix https://bit.ly/3cg9cv7

promoted

JavaScript Concurrency Models: The Event Loop

1 reaction

#javascript

@mozillaMozilla Contributors

5min

01/14/21

How to Prepare for Usability Testing - Part 2

14 reactions

#usability-testing

@avrorashuhaliiProduct Designer

01/24/21