Reining in the web with content security policy

Sid Stamm, Brandon Sterne and Gervase Markham
The last three years have seen a dramatic increase in both awareness and exploitation of Web Application Vulnerabilities. 2008 and 2009 saw dozens of high-profile attacks against websites using Cross Site Scripting (XSS) and Cross Site Request Forgery (CSRF) for the purposes of information stealing, website defacement, malware planting, clickjacking, etc. While an ideal solution may be to develop web applications free from any exploitable vulnerabilities, real world security is usually provided…
Highly Influential
This paper has highly influenced 31 other papers.
Highly Cited
This paper has 223 citations.


Publications citing this paper.
Showing 1-10 of 106 extracted citations

A survey of detection methods for XSS attacks

J. Network and Computer Applications • 2018
Highly Influenced

Research and Implementation of Cross-site Scripting Defense Method Based on Moving Target Defense Technology

2018 5th International Conference on Systems and Informatics (ICSAI) • 2018
Method Support
Highly Influenced

Content Security Problems?: Evaluating the Effectiveness of Content Security Policy in the Wild

ACM Conference on Computer and Communications Security • 2016
Highly Influenced

223 Citations

Semantic Scholar estimates that this publication has 223 citations based on the available data.


Publications referenced by this paper.
Showing 1-6 of 6 references

Bug 493857: Implement content security policy

M. Corporation bug.cgi?id=csp, • 2009
Highly Influenced

In Mozilla Documentation, August 2001. URL: security/components/same-origin.html

J. Ruderman
Highly Influenced