Course Overview

Cross-site scripting (XSS) attacks are among the top ten most common exploits in web applications. Many mitigations can be used to prevent them, and one of the most useful is the implementation of a Content Security Policy (CSP).

This course will introduce you to CSP. You will learn how to use CSP to reduce or eliminate the ability to trigger XSS, and you will understand when to use CSP and when not to use it. The course will teach you how to create and test a basic CSP and, through various use cases, how to write CSPs for your applications.

By the end of this course, you will have learned how CSPs work, when to use them, and various ways to implement and test a CSP.

What You Will Learn

  • What a Content Security Policy (CSP) is
  • When you should and should not use a CSP
  • How to create and test a basic CSP
  • Various methods for preventing code injection attacks with CSP

Program Curriculum

  • What Is Cross-site Scripting?
  • Building an XSS Test Site
  • How Does CSP Work?
  • How to Use CSP with Node.js?
  • $7 Million Cybersecurity Scholarship by EC-Council
  • Chapter 1 Quiz

  • Fetch Directives
  • Document Directives
  • Navigation Directives
  • Reporting Directives
  • Chapter 2 Quiz

  • Blocking Inline Scripts
  • The script-src Directive
  • The child-src Directive
  • The connect-src Directive
  • The image-src Directive
  • The media-src Directive
  • Sandboxing
  • Chapter 3 Quiz

  • Writing CSPs for XSS Protection
  • Hashes - Demo
  • Nonces - Demo
  • Writing CSPs for Single Page Applications
  • Implementing a CSP
  • Google’s CSP Methodology
  • GitHub’s CSP Implementation
  • Frame-based Attacks
  • CSP to Prevent Frame-based Attacks

  • The Report-to Directive
  • The Report-only Mode
  • CSP Level 3 Updates
  • CSP in Meta Tags
  • Alternative URL Types
  • Further Directive Types
  • Migrating from HTTP to HTTPS
  • Next Steps in Header Security
  • Chapter 5 Quiz

Instructor

Scott Cosentino

Scott Cosentino is a developer and teacher who is passionate about learning. He works primarily in software development and computer security. Aside from this, he has taught students a variety of programming-related topics, and he loves to inspire students to be passionate about the topics that he teaches. He has experience in both large classes and one-on-one teaching. Scott believes that mathematics and computer science can be approachable and fun topics. He tailors his courses so that they are easy to comprehend, with an exploration of the what, why, and how of every topic. He understands that these topics are not a spectator sport, so he provides as many examples and practice problems as possible so that the viewer can follow along and learn!
