Content-security-policy articles

1/12/2026 • EN

Superhuman AI Exfiltrates Emails

A prompt injection attack on Superhuman AI exposed sensitive emails, highlighting a critical security vulnerability in AI email assistants.

ai security content-security-policy Email Security Google Forms prompt injection

Simon Willison

1/12/2026 • EN

Superhuman AI Exfiltrates Emails

A prompt injection attack on Superhuman AI exposed sensitive emails, highlighting a security vulnerability in third-party integrations.

ai security content-security-policy Email Security Google Forms prompt injection

Simon Willison

2/4/2025 • EN

Configuring your Content-Security-Policy on your development environment in 11ty

A guide to configuring Content-Security-Policy (CSP) headers in a local 11ty development environment for faster testing.

11ty content-security-policy http headers node-js security

Nooshu - Matt Hobbs

12/8/2022 • EN

Colossal Coaster and Stripe CSP - Building SaaS #152

A developer stream recap covering Python list methods, Stripe integration, and Firefox Content Security Policy warnings.

content-security-policy django Firefox Python Stripe

Matt Layman

2/1/2017 • EN

Content Security Policy (CSP) in ASP.NET Core

A guide to implementing Content Security Policy (CSP) headers in ASP.NET Core applications to control resource loading and enhance security.

Aspnet Core content-security-policy middleware Security Headers web security

Joonas Westlin

4/26/2016 • EN

Making IFrames Responsive

A technical guide on using the postMessage API to create responsive iframes by communicating height between embedded and hosting documents.

content-security-policy Embedding iframe Postmessage API responsive design

Ire Aderinokun

7/3/2015 • EN

Manage Third-party Risk Using a Content Security Policy

Explains how to use Content Security Policy (CSP) HTTP headers to mitigate risks from third-party scripts on websites.

content-security-policy Cross Site Scripting http headers Third Party Scripts web security

Simon Hearne

3/17/2015 • EN

Content Security Policy (CSP) for ASP.NET MVC

Explains how to implement Content Security Policy (CSP) in ASP.NET MVC to enhance security by controlling allowed content sources.

Aspnet Mvc content-security-policy Cross Site Scripting http headers web security

Muhammad Rehan Saeed

2/5/2015 • EN

NWebSec ASP.NET MVC Security Through HTTP Headers

A guide to enhancing ASP.NET MVC security using NWebSec NuGet packages to configure HTTP response headers and implement Content Security Policy.

Aspnet Mvc content-security-policy http headers Nwebsec web security

Muhammad Rehan Saeed

9/19/2013 • EN

Processing Content Security Policy violation reports

Explains how to process Content Security Policy violation reports with a practical PHP script example.

content-security-policy http json php web security

Mathias Bynens

8/27/2013 • EN

Hiding JSON-formatted data in the DOM with CSP enabled

Explains how to pass server-generated JSON data to the front-end when Content Security Policy (CSP) blocks inline scripts, comparing performance impacts.

content-security-policy dom json performance security

Mathias Bynens

Content-security-policy Articles

Superhuman AI Exfiltrates Emails

Superhuman AI Exfiltrates Emails

Configuring your Content-Security-Policy on your development environment in 11ty

Colossal Coaster and Stripe CSP - Building SaaS #152

Content Security Policy (CSP) in ASP.NET Core

Making IFrames Responsive

Manage Third-party Risk Using a Content Security Policy

Content Security Policy (CSP) for ASP.NET MVC

NWebSec ASP.NET MVC Security Through HTTP Headers

Processing Content Security Policy violation reports

Hiding JSON-formatted data in the DOM with CSP enabled

Select Language