Content Security Policy Can be bypassed in Chrome?

  • Published on 10 Aug 2020
  • A recent flaw allowed attackers to bypass CSP by doing the following. Chrome fixed it, thankfully.
    Resources
    Issue 1064676: full CSP bypass while evaluating a javascript-URL in iframe. (CVE-2020-6519)
    bugs.chromium.org/p/chromium/...
    Learn more about CSP
    developer.mozilla.org/en-US/d...
    My XSS video
    Stay Awesome,
    Hussein
  • Science & Technology
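The bug referenced above (Issue 1064676 / CVE-2020-6519) was Chrome evaluating a javascript: URL in an iframe without applying the page's CSP. The following is an added example written for this page, not code from the video or from Chromium: a toy CSP evaluator that models what a policy is supposed to say about the three ways a script can run (an external src, an inline script, and a javascript: URL). The page origin `https://app.example` and the policies fed to it are hypothetical.

```javascript
// Added example (not from the video or Chromium): a toy CSP evaluator.
// Models the intended behaviour: a javascript: URL is inline script, so a
// policy without 'unsafe-inline' must block it even inside an <iframe src>.

// Parse "default-src 'self'; script-src 'nonce-abc'" into a Map of
// directive name -> source list. A repeated directive is ignored after its
// first occurrence, as the spec requires.
function parseCsp(policy) {
  const directives = new Map();
  for (const raw of policy.split(';')) {
    const [name, ...sources] = raw.trim().split(/\s+/).filter(Boolean);
    if (name && !directives.has(name.toLowerCase())) {
      directives.set(name.toLowerCase(), sources);
    }
  }
  return directives;
}

// Source list governing scripts: script-src, else default-src, else null
// (the policy places no restriction on scripts at all).
function scriptSources(policy) {
  const d = parseCsp(policy);
  return d.get('script-src') ?? d.get('default-src') ?? null;
}

// Does one source expression match a URL fetched by a page at pageOrigin?
// Handles '*', 'self', scheme-sources ("https:") and host-sources with an
// optional scheme, "*." host prefix and port.
function sourceMatches(source, url, pageOrigin) {
  const target = new URL(url);
  if (source === '*') return true;
  if (source === "'self'") return target.origin === pageOrigin;
  if (source.startsWith("'")) return false;           // keywords, nonces, hashes never match a URL
  if (/^[a-z][a-z0-9+.-]*:$/i.test(source)) {         // scheme-source such as "https:"
    return source.toLowerCase() === target.protocol;
  }
  const m = /^(?:([a-z][a-z0-9+.-]*):\/\/)?([^/:]+)(?::(\d+|\*))?/i.exec(source);
  if (!m) return false;
  const [, scheme, host, port] = m;
  if (scheme && `${scheme.toLowerCase()}:` !== target.protocol) return false;
  const h = host.toLowerCase();
  const hostOk = h.startsWith('*.') ? target.hostname.endsWith(h.slice(1)) : h === target.hostname;
  const defaultPort = { 'https:': '443', 'http:': '80' }[target.protocol] ?? '';
  const portOk = !port || port === '*' || port === (target.port || defaultPort);
  return hostOk && portOk;
}

// request is one of:
//   { kind: 'external', url }        <script src="url">
//   { kind: 'inline', nonce? }       <script nonce="...">...</script>
//   { kind: 'javascript-url' }       <iframe src="javascript:..."> or href="javascript:..."
function scriptAllowed(policy, request, pageOrigin) {
  const sources = scriptSources(policy);
  if (sources === null) return true;                  // policy says nothing about scripts
  const hasNonceOrHash = sources.some(s => /^'(nonce|sha(256|384|512))-/.test(s));
  // CSP2+: 'unsafe-inline' is ignored once any nonce or hash source is present.
  const unsafeInline = !hasNonceOrHash && sources.includes("'unsafe-inline'");
  switch (request.kind) {
    case 'external':
      return sources.some(s => sourceMatches(s, request.url, pageOrigin));
    case 'inline':
      return unsafeInline || (!!request.nonce && sources.includes(`'nonce-${request.nonce}'`));
    case 'javascript-url':
      // A javascript: URL is inline script, but no nonce can be attached to
      // it, so only 'unsafe-inline' lets it run (CSP3's 'unsafe-hashes' is
      // not modelled in this toy).
      return unsafeInline;
    default:
      throw new Error(`unknown request kind ${request.kind}`);
  }
}
```

With `default-src 'self'` the evaluator rejects a javascript: URL; that is the decision the fixed Chrome makes, and the one the buggy build skipped for iframes. Note that adding `'unsafe-inline'` to `script-src` re-enables javascript: URLs for every browser, fix or no fix.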

Comments • 29

  • @BloodyIron 2 years ago +1

    This is a legit worthwhile video to watch. Nicely done! Thanks :D

  • @peety1211 3 years ago

    As usual your content is great. I find your videos to be easily understandable.

    • @hnasr 3 years ago

      prasanna m I am glad to hear that, thank you 😊

  • @MehdiShojaei 3 years ago +3

    Hi Hussein, thanks for your useful content. About 8:40, actually *document.cookie* will be evaluated in the context of the main (top) window before being appended to the string. So accessing the cookie is not required in the .

    • @hnasr 3 years ago +1

      Mahdi Shojaei good catch!!! Exactly that, thanks for correcting me.

  • @dudeyouhavenoidea 3 years ago

    Nice one... learnt a lot.

  • @taulantus 3 years ago +5

    Hey, Hussein I really love your channel man, always good content.
    Because of you, I decided to work only on the backend.
    I was wondering if you did or planning to do a video on how Nginx handles caching.
    Thank you.

    • @hnasr 3 years ago

      Taulant Vokshi I am glad that you found what you are passionate about and that the content helps 😊
      Yes! Nginx is a beast and I barely scratched the surface on it. Caching is on my list.

    • @taulantus 3 years ago

      @@hnasr Thank You.

  • @artso003 3 years ago +1

    Great video!

    • @hnasr 3 years ago

      Artem S thanks Artem!

  • @hakimhassani97 3 years ago +1

    quality content, thanks a lot

    • @hnasr 3 years ago

      hakim hassani 🙏

  • @domaincontroller 3 years ago +1

    00:58 What is CSP?
    01:40 If there are images coming from another domain, please do not send GET requests to that URL
    02:21 You can set it as part of a meta tag
    02:25 Or, as backend engineers, set it as part of the headers coming back from the server
    ------------------------------------------------------
    03:09 the bug
    ------------------------------------------------------

  • @chantapatct 3 years ago

    Thank you for sharing. I was wondering how the CSP header works when we have different types of responses (HTML, JSON, XML, etc.) on the website. Is it enough to set the CSP only for the first HTML (root) response, or is there any point in setting CSP on every response from the server, for example JSON data from a REST API?

    • @sairam-lj6zu 3 years ago

      It is enough to set for the HTML/root page.

    • @hnasr 3 years ago

      Every HTML page should get its own CSP, so either add it in the meta tag or return it in the headers.

  • @tejasshinde0051 3 years ago

    If it is not set, which vulnerability is it?

  • @kallikantzaros 2 years ago

    First time I've ever heard someone say "Ping file" instead of PNG file xD

  • @suryayoutube2784 3 years ago

    Great info! Thank you. Will it be vulnerable if the CSP is set in the HTTP header?

    • @hnasr 3 years ago

      It should I think

  • @ca7986 3 years ago

    ♥️

  • @adityarawat01 3 years ago

    Can we bypass paid videos like skillcapped videos?

  • @yashwanthd1998 3 years ago

    Just subbed after watching a video on MIME sniffing. Great explanation, but please don't zoom out the code, it's hard to follow.

    • @hnasr 3 years ago

      Instantiate will do thanks!

  • @ZelenoJabko 3 years ago +2

    "javascript:" in the URL is nasty. This should have been banned a long time ago.

  • @shiv_yt3 2 years ago +1

    please give your content more space, it's hard to read. Use a green screen or something to show yourself.

  • @dmitry.gashko 3 years ago

    Please, never use javascript: !!! (use it only for XSS testing and nothing more)