Content Security Policies


Comments are closed.

David Goodwin at 14:20 on 1 Oct 2016

thanks .... you taught me something new :)

Jeroen de Jong at 14:43 on 1 Oct 2016

Great talk. Never heard of the concept before, will start using it in the future for sure! Can't think of anything to improve at the moment ;-)

A very educational talk on CSP. A really good and easy to follow presentation with some really good links to follow on.

Something to look into more closely. Good call on the log first approach.

Pete McFarlane at 17:12 on 1 Oct 2016

A great unconference talk, something I didn't know existed but good to learn about. I would like to see some live examples of browsers stopping or preventing content loading but I will have to look something up for myself :)

Derek Kaye at 15:47 on 2 Oct 2016

Wow! I had only seen CSP in passing and this talk taught me a lot and gave me some things to try out myself. I'd like to see this as a main-track talk next year.
I think this is the best talk I saw all weekend.

Chris Emerson at 16:02 on 2 Oct 2016

I had heard of CSPs before this talk but knew nothing about how they worked. Matt gave a great introduction to them, covering what they are, how they help, what they are capable of, downsides, potential issues with implementation & how to introduce them without causing problems. Delivered confidently and clearly.

Andy Roberts at 10:49 on 3 Oct 2016

Excellent speaker, enthusiastic and passionate about his talk. To be fair, I didn't know what to expect from this talk, but was pleasantly surprised to see it was standard introduced to mitigate cross scripting attacks - always enjoy learning something new.

Ben Plummer at 13:15 on 3 Oct 2016

I've never really looked into CSPs before and found this to be a great introduction into the concept and how it works.

Would be nice to see some live demos however with the amount of content Matt already had and the time restrictions of an unconference talk, it's understandable. Maybe if the talk expands in the future!

Nigel Greenway at 08:29 on 4 Oct 2016

I've only heard about content security policies over the past month or so, so it was nice to see a talk on it. The talk was informative and was nice to hear experiences Matt and his team had in which he gave advice on when you would and wouldn't use it, the history and the possible future. Questions were answered confidently and honestly.