BestHub
Sign in
Tag

Content Security Policy

1 views collected around this technical thread.

php中文网 Courses
php中文网 Courses
May 28, 2025 · Information Security

Understanding XSS Attacks and Prevention Methods in PHP

Cross‑Site Scripting (XSS) is a common web security vulnerability where malicious scripts are injected into pages, and this article explains typical PHP XSS scenarios, demonstrates code examples, and outlines effective mitigation techniques such as htmlspecialchars(), HTML Purifier, proper headers, secure cookies, CSP, and best practices.

Content Security PolicyWeb SecurityXSS
0 likes · 5 min read
Understanding XSS Attacks and Prevention Methods in PHP
YunZhu Net Technology Team
YunZhu Net Technology Team
Mar 24, 2022 · Information Security

Understanding XSS, CSRF, and Clickjacking: Attack Mechanisms and Defense Measures

This article explains the principles, attack vectors, and mitigation techniques for three common web security threats—Cross‑Site Scripting (XSS), Cross‑Site Request Forgery (CSRF), and Clickjacking—detailing how malicious scripts are injected, how forged requests exploit user credentials, and how defensive headers, token strategies, and frame restrictions can protect applications.

CSRFClickjackingContent Security Policy
0 likes · 14 min read
Understanding XSS, CSRF, and Clickjacking: Attack Mechanisms and Defense Measures
Youzan Coder
Youzan Coder
Mar 9, 2018 · Information Security

Migrating a SaaS Platform to Full‑Site HTTPS: Principles, Resources, and Practical Considerations

The guide details how a SaaS platform can transition to full‑site HTTPS by explaining the TLS handshake, inventorying static assets, domains and third‑party services, using protocol‑relative URLs, configuring redirects and CSP, testing securely, and addressing common migration challenges such as legacy references and external dependencies.

CDNContent Security PolicyHTTPS
0 likes · 13 min read
Migrating a SaaS Platform to Full‑Site HTTPS: Principles, Resources, and Practical Considerations