Content Security Policy with Rails - RubySG

Published on: Thursday, 17 September 2020

Speaker: Kang Sheng

Content Security Policy (CSP) is like a browser-side firewall that helps protect against attacks such as XSS. You specify a policy, and the browser follows it, loading only the assets you have whitelisted for your website. CSP is really easy to configure in Rails, but you might accidentally break your site if it is not done properly. In this talk, we will go through what CSP is and how to roll it out safely to secure your website.
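One common way to roll a policy out without breaking the site is to serve it in report-only mode first (in Rails, `config.content_security_policy_report_only = true` together with `policy.report_uri`) and study the violation reports before enforcing. The following is an added example, not code from the talk: a plain-Ruby summarizer for such reports, where the sample bodies, hostnames and helper names are constructed for illustration.

```ruby
require "json"
require "uri"

# Constructed report bodies, shaped like the JSON a browser POSTs to a
# report-uri endpoint. Not captured from any real site.
SAMPLE_REPORTS = [
  '{"csp-report":{"effective-directive":"script-src","blocked-uri":"https://cdn.example/widget.js"}}',
  '{"csp-report":{"effective-directive":"script-src","blocked-uri":"https://cdn.example/cart.js"}}',
  '{"csp-report":{"violated-directive":"img-src \'self\'","blocked-uri":"https://images.example/logo.png"}}',
  '{"csp-report":{"effective-directive":"script-src","blocked-uri":"inline"}}',
  'not json'
].freeze

# Reduce a blocked-uri to an origin, or keep the keyword the browser sent
# (inline, eval, data, ...).
def source_for(blocked)
  uri = URI.parse(blocked)
  return blocked unless uri.host
  origin = "#{uri.scheme}://#{uri.host}"
  uri.port == uri.default_port ? origin : "#{origin}:#{uri.port}"
rescue URI::InvalidURIError
  blocked
end

# Count violations per [directive, source]; malformed bodies are skipped.
def summarize(bodies)
  bodies.each_with_object(Hash.new(0)) do |body, counts|
    report = (JSON.parse(body) rescue nil)
    report = report["csp-report"] if report.is_a?(Hash)
    next unless report.is_a?(Hash)
    directive = (report["effective-directive"] || report["violated-directive"]).to_s.split.first
    next unless directive
    counts[[directive, source_for(report["blocked-uri"].to_s)]] += 1
  end
end

# Origins are candidates to review for the source list (a reported origin can
# also be injected content). Keywords such as inline need a code change.
def rollout_plan(counts)
  plan = { review_origins: Hash.new { |h, k| h[k] = [] }, needs_code_change: [] }
  counts.each_key do |directive, source|
    if source.include?("://")
      plan[:review_origins][directive] << source
    else
      plan[:needs_code_change] << "#{directive} #{source}"
    end
  end
  plan
end

puts rollout_plan(summarize(SAMPLE_REPORTS)) if __FILE__ == $PROGRAM_NAME
```

Once the summary stays empty for normal traffic, the same policy can be switched from report-only to enforcing.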

