What’s the purpose of the HTML “nonce” attribute for script and style elements?
W3C says there is a new attribute in HTML5.1 called nonce for style and script that can be used by the Content Security … Read more
content-security-policy
How does Content Security Policy (CSP) work?
I’m getting a bunch of errors in the developer console: Refused to evaluate a string Refused to execute inline script because it violates … Read more
Content Security Policy “data” not working for base64 Images in Chrome 28
In this simple example, I’m trying to set a CSP header with the meta http-equiv header. I included a base64 image and I’m … Read more