«
»

WordPress CSP Plugin

My implementation of the Content Security Policy server logic for WordPress is now available as a WordPress Plugin.

Fig.1 – CSP configuration page making a policy recommendation.

Fig. 2 – New panel in media uploader allows direct creation of script files in the uploads directory.

This entry was posted on Friday, May 28th, 2010 at 11:41 am and is filed under Mozilla, Web Security. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.

One Response to “WordPress CSP Plugin”

  1. Elias Athanasopoulos says:
    August 6, 2010 at 1:50 am

    Hi Brandon!

    Well done about CSP! I was wondering how does CSP cope with return-to-JavaScript attacks (i.e. code injections that are based in legitimate white-listed code). You can find more at:

    http://www.ics.forth.gr/~elathan/publications/w2sp09.pdf
    http://www.ics.forth.gr/~elathan/publications/webapps10.pdf

    Regards,
    Elias

Leave a Reply

 

Create and Share Trail Maps
Find and create routes for running, hiking, and biking in your local area.