Reminder for your Training @ DeepSec 2020: Bypassing CSP via ajax.googleapis.com — Dawid Czagan

Content Security Policy (CSP) is the number one defensive technology in modern web applications. A good CSP offers a lot of possibilities, but it is hard to…