March 2020
Intermediate to advanced
608 pages
17h 17m
English
Content preview from Django 3 Web Development Cookbook - Fourth Edition
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Making requests secure with Content Security Policy (CSP)
Dynamic multi-user websites usually allow users to add all kinds of data from a wide variety of media types: images, videos, audios, HTML, JavaScript snippets, and so on. This opens up the potential of users adding malicious code to the website that could steal cookies or other personal information, call unwanted Ajax requests in the background, or do other harm. Modern browsers support an extra layer of security that whitelists the sources of your media resources. It is called CSP and in this recipe, we will show you how to use it within a Django website.