Serge van den Boom wrote on 6/23/2009 3:48 PM:
> On 2009-06-23, Bil Corry wrote:
>> Serge van den Boom wrote on 6/23/2009 8:13 AM:
>>> However, by injecting an X-Content-Security-Policy header with the
>>> policy-uri set to the vulnerable URL, the web client can be tricked into
>>> visiting the

On 2009-06-23, Bil Corry wrote:
> Serge van den Boom wrote on 6/23/2009 8:13 AM:
>> However, by injecting an X-Content-Security-Policy header with the
>> policy-uri set to the vulnerable URL, the web client can be tricked into
>> visiting the vulnerable URL.
>
> It would only work for those pages

Serge van den Boom wrote on 6/23/2009 8:13 AM:
> However, by injecting an X-Content-Security-Policy header with the
> policy-uri set to the vulnerable URL, the web client can be tricked into
> visiting the vulnerable URL.

It would only work for those pages where an X-Content-Security-Policy header

Hi,

If I'm not mistaken, there is a hypothetical situation where CSP can be
used to the benefit of an attacker. Consider the scenario where:

* the website contains a stored header injection vulnerability,
* the website contains an XSRF vulnerability, and
* the web client supports CSP.

To exploit a
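The chain Serge describes (stored header injection, an injected X-Content-Security-Policy header whose policy-uri points at an XSRF-vulnerable URL, and a CSP-aware client that fetches that URL with the victim's ambient session) can be modelled end to end in a few functions. The following is an added example, not code from the thread or from any CSP implementation: the application, the page and target URLs, the X-Display-Name header, the cookie value and the "policy-uri <uri>" directive syntax the simulated client honours are all assumptions made for illustration. The vulnerable header writer sits beside the hardened one, which refuses CR/LF in header values, so the same input can be run through both.

```python
"""Added example: model of a stored header-injection -> policy-uri -> XSRF chain.
Everything below (app, URLs, header names other than X-Content-Security-Policy,
cookie value, directive syntax) is an assumption, not taken from the thread."""
import re
from urllib.parse import urljoin, urlsplit

CRLF = "\r\n"
PAGE_URL = "http://example.test/profile"        # assumed page that carries the bug
TARGET_PATH = "/account/delete?confirm=1"        # assumed XSRF-vulnerable URL

# Constructed attacker input: a "display name" the app stores and later echoes
# into a response header.  The embedded CRLF terminates that header and starts
# a new one, which is the injection.
INJECTED_NAME = "alice" + CRLF + "X-Content-Security-Policy: policy-uri " + TARGET_PATH


def build_response_vulnerable(display_name):
    """Hypothetical app that copies a stored value into a header verbatim."""
    head = [
        "HTTP/1.1 200 OK",
        "Content-Type: text/html",
        "X-Display-Name: " + display_name,   # no CR/LF check -> header injection
    ]
    return (CRLF.join(head) + CRLF + CRLF + "<html>profile</html>").encode("latin-1")


def build_response_hardened(display_name):
    """Same app with the fix: a header value may never contain CR or LF."""
    if re.search(r"[\r\n]", display_name):
        raise ValueError("CR/LF not allowed in header value")
    return build_response_vulnerable(display_name)


def parse_headers(raw):
    """Split a raw HTTP response into [(lower-cased name, value), ...]."""
    head, _, _ = raw.partition(b"\r\n\r\n")
    headers = []
    for line in head.decode("latin-1").split(CRLF)[1:]:   # skip the status line
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return headers


def policy_uri_of(raw, page_url):
    """Model of a CSP-aware client: the absolute URL it would fetch for a
    'policy-uri <uri>' directive, or None.  Directive syntax is assumed."""
    for name, value in parse_headers(raw):
        if name != "x-content-security-policy":
            continue
        for directive in value.split(";"):
            parts = directive.split()
            if len(parts) >= 2 and parts[0].lower() == "policy-uri":
                return urljoin(page_url, parts[1])
    return None


def xsrf_vulnerable_endpoint(url, cookie):
    """Assumed server endpoint: performs the state change on a plain GET,
    authenticated only by the ambient session cookie (no anti-XSRF token).
    Returns True when the destructive action is carried out."""
    parts = urlsplit(url)
    if parts.path == "/account/delete" and parts.query == "confirm=1":
        return cookie == "session=victim"
    return False


def simulate_victim(raw, page_url, cookie):
    """Victim loads the page; if the client follows policy-uri it fetches the
    target with the victim's cookie.  Returns (url_fetched, state_changed)."""
    target = policy_uri_of(raw, page_url)
    if target is None:
        return None, False
    return target, xsrf_vulnerable_endpoint(target, cookie)


if __name__ == "__main__":
    print("vulnerable:", simulate_victim(build_response_vulnerable(INJECTED_NAME),
                                         PAGE_URL, "session=victim"))
    print("hardened:  ", simulate_victim(build_response_hardened("alice"),
                                         PAGE_URL, "session=victim"))
```

Running the vulnerable path returns the attacker-chosen absolute URL together with True, i.e. the policy fetch alone was enough to trigger the state change; the hardened builder raises on the injected name and never emits a second header, so the client has no policy-uri to follow. Rejecting the value, rather than silently stripping CR and LF, is the stricter choice because it also surfaces the injection attempt in application logs.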