Security   495191

Content Security Policy | https://github.com/
Bookmarklets

As made clear by the CSP spec, browser bookmarklets shouldn't be affected by CSP.

Enforcing a CSP policy should not interfere with the operation of user-supplied scripts such as third-party user-agent add-ons and JavaScript bookmarklets.

http://www.w3.org/TR/CSP/#processing-model

Whenever the user agent would execute script contained in a javascript URI, instead the user agent must not execute the script. (The user agent should execute script contained in "bookmarklets" even when enforcing this restriction.)

http://www.w3.org/TR/CSP/#script-src

But, none of the browsers get this correct. All cause CSP violations and prevent the bookmarklet from functioning.

Though it's highly discouraged, you can disable CSP in Firefox as a temporary workaround. Open up about:config and set security.csp.enable to false.
security  github  javascript  csp  firefox  bookmarklet  annoyance  sortof  solution 
yesterday by kme
Information Security Interview Questions
The Philosophy of Technical Interviews; Encryption; Security Wisdom; Network Security; Application Security; Business Risk; The Onion Model; The Role-playing Mod
security 
yesterday by cmhamill
Quad 9 | Internet Security and Privacy in a Few Easy Steps
public DNS (9.9.9.9) that blocks malicious redirects. Nice.
dns  security  internet  malware 
yesterday by 3rdparty
Kubernetes Network Policy Recipes - Recipes for securing cluster networking with Kubernetes Network Policies
This repository contains various use cases of Kubernetes Network Policies and sample YAML files to leverage in your setup. If you ever wondered how to drop/restrict traffic to applications running on Kubernetes, read on.
Kubernetes  networking  opensource  security 
yesterday by liqweed
