Asynchronous flow control (promises, generators, observables, CSP, etc)

Examples of security features (or mishaps) on web applications -- these are mostly examples and tutorials from the WASEC book.

A plugin which, when combined with HTMLWebpackPlugin, adds CSP tags to the HTML output.

A Gatsby plugin which adds strict Content Security Policy to your project.

Module for Nuxt.js to configure security headers and more

nodejs + express security and performance boilerplate.

WebExtension allow to execute bookmarklets as privileged scripts

A chrome extension that helps you disable or bypass Content Security Policy(CSP),which is based on Manifest V3.

This repository is a collection of JavaScript gadgets that can be used to bypass XSS mitigations such as Content Security Policy (CSP) and HTML sanitizers like DOMPurify.

Plugin to generate hash for inline scripts and styles for CSP

Allow inline scripts regardless of site policy

Furniture website backend. Group 4 project

Talk+workshop series on foundational understanding through implementation.

A simple NodeJS program that hashes JS files/codes and output it on the terminal or in files or via variables

User-defined Content Security Policy

How to implement a nonce-based Content Security Policy (CSP) for an ASP.NET Core Application

Riew is a reactive library that uses CSP concepts for managing data and application flow.

Dhroraryus generates schedules intelligently according to one's constraints and preferences

An example Angular 1.x site with a Caché REST backend

Spec compliant content security policy builder and parser. 🚨