IIUM Repository (IREP)

Mitigating cross-site scripting attacks with a content security Policy

Yusof, Imran and Pathan, Al Sakib Khan (2016) Mitigating cross-site scripting attacks with a content security Policy. Computer, 49 (3). pp. 56-63. ISSN 0018-9162

[img] PDF - Published Version
Restricted to Repository staff only

Download (1MB) | Request a copy
[img] PDF (scopus) - Supplemental Material
Restricted to Repository staff only

Download (432kB) | Request a copy

Abstract

A content security policy (CSP) can help Web application developers and server administrators better control website content and avoid vulnerabilities to cross-site scripting (XSS). In experiments with a prototype website, the authors' CSP implementation successfully mitigated all XSS attack types in four popular browsers.

Item Type: Article (Journal)
Additional Information: 6481/58853
Uncontrolled Keywords: content security policy; Cross-site scripting; CSP; Internet/Web technology; security; Web applications Web vulnerabilities XSS
Subjects: Q Science > QA Mathematics > QA76 Computer software
T Technology > TK Electrical engineering. Electronics Nuclear engineering
T Technology > TK Electrical engineering. Electronics Nuclear engineering > TK5101 Telecommunication. Including telegraphy, radio, radar, television
Kulliyyahs/Centres/Divisions/Institutes: Kulliyyah of Engineering
Depositing User: Dr. Al-Sakib Khan Pathan
Date Deposited: 21 Oct 2017 14:03
Last Modified: 21 Oct 2017 14:03
URI: http://irep.iium.edu.my/id/eprint/58853

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year