Implement a custom code component for Content Security Policy (CSP) checks on web applications in ShipSec Studio.
Please make sure to write both integration and individual tests for the component.
Content Security Policy (CSP) serves as a strong mitigation against cross-site scripting attacks. A CSP evaluator such as the one referenced below assists with the process of reviewing CSP policies, which is usually a manual task, and helps identify subtle CSP bypasses which undermine the value of a policy.
Ref:
- https://github.com/google/csp-evaluator
- https://csp-evaluator.withgoogle.com/
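A sketch of the kind of policy check such a component could run, added here as an example; it is not code from ShipSec Studio or csp-evaluator. The function names, finding IDs and sample policies are assumptions made for illustration.

```javascript
// Added example (not ShipSec Studio or csp-evaluator code); finding IDs are hypothetical.
function parseCsp(header) {
  // Directive names are case-insensitive; a repeated directive is ignored (first one wins).
  const policy = new Map();
  for (const part of header.split(';')) {
    const [name, ...values] = part.trim().split(/\s+/).filter(Boolean);
    if (name && !policy.has(name.toLowerCase())) policy.set(name.toLowerCase(), values);
  }
  return policy;
}

function evaluateCsp(header) {
  const policy = parseCsp(header);
  const findings = [];
  const add = (id, directive) => findings.push({ id, directive });

  // script-src and object-src fall back to default-src when absent.
  const scriptDir = policy.has('script-src') ? 'script-src' : 'default-src';
  const script = policy.get(scriptDir);
  if (!script) {
    add('missing-script-src', 'script-src');
  } else {
    const src = script.map((s) => s.toLowerCase());
    const nonceOrHash = src.some((s) => /^'(nonce|sha256|sha384|sha512)-/.test(s));
    const strictDynamic = src.includes("'strict-dynamic'");
    // Browsers ignore 'unsafe-inline' when a nonce or hash is present.
    if (src.includes("'unsafe-inline'") && !nonceOrHash) add('unsafe-inline', scriptDir);
    if (src.includes("'unsafe-eval'")) add('unsafe-eval', scriptDir);
    // 'strict-dynamic' makes browsers ignore host and scheme sources.
    const broad = src.filter((s) => ['*', 'http:', 'https:', 'data:'].includes(s));
    if (broad.length > 0 && !strictDynamic) add('wildcard-source', scriptDir);
  }
  if (!policy.has('object-src') && !policy.has('default-src')) add('missing-object-src', 'object-src');
  // base-uri has no default-src fallback, so its absence leaves <base> unrestricted.
  if (!policy.has('base-uri')) add('missing-base-uri', 'base-uri');
  return findings;
}

// Constructed sample policies.
const WEAK = "default-src 'self'; script-src 'self' 'unsafe-inline' https:; img-src *";
const STRICT = "script-src 'nonce-r4nd0m' 'strict-dynamic' 'unsafe-inline' https:; object-src 'none'; base-uri 'none'";
console.log(evaluateCsp(WEAK).map((f) => `${f.id} (${f.directive})`));
console.log(evaluateCsp(STRICT).length);
```

The two sample policies double as unit-test fixtures: the weak one should yield three findings and the nonce-based one none.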