We’ve covered quite a few security related HTTP headers on the blog in recent weeks but the boss of them all has to be Content-Security-Policy (CSP). The boss, both because of the level of protection it provides but unfortunately also because of the difficulty of implementing it correctly on the first go. As with […]
