Author: Philippe Arteau

Auditing CSP headers with Burp and ZAP

Content Security Policy (CSP)  is a HTTP header that instruct the browser to limit resource loading of media, styles and scripts. As you may know, CSP is not adopted yet by industry. Multiple surveys have already been made about the adoption of the security header [1] [2] [3]. Even so, it does not mean that we cannot prepare ourselves for

Continue reading …