BestHub
Sign in
Tag

CSP

0 views collected around this technical thread.

Tencent Technical Engineering
Tencent Technical Engineering
Apr 10, 2025 · Information Security

AI-Generated Code Introduces XSS Vulnerabilities: A Case Study and Security Guidance

The Woodpecker team shows that AI‑generated code, exemplified by Simon Willison’s HTML slideshow tool, can embed unsanitized inputs that create exploitable XSS flaws, and they recommend zero‑trust AI prompts, rigorous input filtering, CSP, AI‑assisted scanning, and secure supply‑chain practices to mitigate such risks.

AI securityCSPOpen Source
0 likes · 9 min read
AI-Generated Code Introduces XSS Vulnerabilities: A Case Study and Security Guidance
Python Programming Learning Circle
Python Programming Learning Circle
Jan 15, 2025 · Fundamentals

Communicating Sequential Processes (CSP): Concepts, Implementations, and Python Libraries

This article explains the CSP concurrency model, compares it with the Actor model, discusses its advantages and limitations, and reviews Go's native support as well as several Python libraries and experimental projects that aim to bring CSP-style parallelism to Python.

AsyncCSPConcurrency
0 likes · 11 min read
Communicating Sequential Processes (CSP): Concepts, Implementations, and Python Libraries
DaTaobao Tech
DaTaobao Tech
Aug 25, 2022 · Frontend Development

Understanding and Handling Script Error in Web Development

The article explains that browsers mask cross‑origin script failures as generic “Script error” due to the same‑origin policy, outlines the proper fix of adding the crossorigin attribute and Access‑Control‑Allow‑Origin header, critiques ad‑hoc proxy or try‑catch workarounds, and recommends systematic measures such as CSP Report‑Only, monitoring tools, and proper script whitelisting.

CSPCross-OriginFront-end Debugging
0 likes · 7 min read
Understanding and Handling Script Error in Web Development
NetEase Cloud Music Tech Team
NetEase Cloud Music Tech Team
May 5, 2022 · Frontend Development

Building a Music Recognition Chrome Extension with Manifest V3 and WebAssembly

The article explains how NetEase Cloud Music built a Chrome extension that captures tab audio, processes it with an AudioWorkletNode, extracts fingerprints via WebAssembly in a sandboxed iframe, and matches songs locally, all while navigating Manifest V3’s service‑worker, CSP, and deprecation constraints.

Audio FingerprintingAudioWorkletBrowser Plugin
0 likes · 12 min read
Building a Music Recognition Chrome Extension with Manifest V3 and WebAssembly
Qunar Tech Salon
Qunar Tech Salon
Oct 18, 2018 · Information Security

XSS Attacks: Introduction, Classification, Prevention, and Detection

This article explains the fundamentals of Cross‑Site Scripting (XSS) attacks, presents real‑world examples, classifies stored, reflected, and DOM‑based XSS, and provides comprehensive prevention, detection, and mitigation techniques for frontend developers, including proper escaping, whitelist schemes, CSP, and secure coding practices.

CSPEscapingXSS
0 likes · 27 min read
XSS Attacks: Introduction, Classification, Prevention, and Detection
360 Quality & Efficiency
360 Quality & Efficiency
Sep 14, 2018 · Information Security

Resolving CSS/JS Loading Issues in Jenkins HTML Publisher Plugin by Adjusting CSP

This article explains why Jenkins' HTML Publisher Plugin often fails to load custom CSS and JavaScript due to its default Content Security Policy, and provides two solutions: temporarily disabling CSP via a Groovy command and permanently applying the change using a startup-triggered job.

CI/CDCSPGroovy
0 likes · 4 min read
Resolving CSS/JS Loading Issues in Jenkins HTML Publisher Plugin by Adjusting CSP
Beike Product & Technology
Beike Product & Technology
Jul 27, 2018 · Backend Development

Understanding Go's CSP Concurrency Model and Scheduler (MPG)

This article explains Go's concurrency foundations, detailing the difference between concurrency and parallelism, the CSP model using goroutines and channels, and the internal M‑P‑G scheduler architecture that balances work across processors and system threads.

CSPConcurrencyGo
0 likes · 9 min read
Understanding Go's CSP Concurrency Model and Scheduler (MPG)
Architects' Tech Alliance
Architects' Tech Alliance
Oct 3, 2017 · Fundamentals

Understanding SDN and NFV: Concepts, Solutions, and Challenges for CSPs

The article provides a comprehensive overview of Software‑Defined Networking (SDN) and Network Functions Virtualization (NFV), detailing their concepts, major vendor solutions, open‑source projects, industry challenges, and the considerations CSPs must address when adopting these technologies for agile, automated network services.

CSPNFVNetwork Virtualization
0 likes · 11 min read
Understanding SDN and NFV: Concepts, Solutions, and Challenges for CSPs
Architect
Architect
Dec 16, 2015 · Information Security

Understanding HTTPS Certificates, Trust Chains, and Security Practices

This article explains how HTTPS certificates are trusted, the role of Certificate Authorities, how browsers verify signatures, common pitfalls such as compromised root certificates, and practical measures like CSP and gradual rollout strategies to ensure secure web deployments across different regions and devices.

CSPCertificatesTLS
0 likes · 8 min read
Understanding HTTPS Certificates, Trust Chains, and Security Practices
High Availability Architecture
High Availability Architecture
Jul 30, 2015 · Information Security

Web Application Security Threats and Mitigation Strategies

This article outlines the most common web application security threats—including XSS, SQL injection, CSRF, transmission hijacking, credential leaks, brute‑force attacks, and token theft—and provides practical mitigation techniques such as proper escaping, CSP, parameterized queries, CSRF tokens, HTTPS, HSTS, HPKP, encrypted password storage, two‑factor authentication, and robust token handling.

CSPCSRFSQL injection
0 likes · 26 min read
Web Application Security Threats and Mitigation Strategies