Index ¦ Archives ¦ Atom > Tag: HTTP

Calculating a base64 encoded sha256 sum of inline scripts for your content security policy

A while ago I wrote a post on HTTP Security Headers and part of that invloved setting up a content security policy (CSP) and in that I say

I've done a SHA-256 hash of the script

and I just left it at that, simple right? Only now a it's little …

HTTP Secuirty Headers

This week I decided to play around with and see if I could get an A+ rating.

Security Headers

I already had Public Key Pinning and Strict Transport Security so those two were easy.

Then I added Xss-Protection, but I wasn't sure what exactly it did. After a bit of …

Creative Commons License
Content on this site is licensed under a Creative Commons Attribution 4.0 International License.
Built using Pelican. Based on a theme by Giulio Fidente on github.