https://ask.ghassem.com/tag/csp Powered by Question2Answer https://ask.ghassem.com/189/when-should-one-include-a-content-security-policy <p>Content Security Policy (CSP) is promoted as a way to mitigate content injection vulnerabilities including cross-site scripting. When making a website when should a CSP header be included and when is it of no use?</p> <p>I read <a rel="nofollow" href="https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP">https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP </a></p> <p>which explained what CSP is, but I am still confused as to <strong>when</strong> to use it.</p> <p>&nbsp;</p> Web Development https://ask.ghassem.com/189/when-should-one-include-a-content-security-policy Fri, 28 Sep 2018 19:15:24 +0000