Content Security Policy (CSP)
Quick Reference Guide


Become a master of Content-Security-Policy or CSP. This course is designed to rapidly take you through many of the common use cases of CSP.

The Mastering Content-Security-Policy (CSP) training course is still under development, but you can signup to be notified once it is ready below:

Who is this course for?

This course is designed for web developers or security professionals that want to get up to speed on Content-Security-Policy or CSP

Sign up for early access

Course Outline

  1. Introduction to CSP
  2. Understanding HTTP Headers
  3. Getting Started with CSP
  4. Source Lists
  5. Controlling JavaScript with script-src
  6. Controlling CSS with style-src
  7. Loading images with img-src
  8. Restricting script initiated HTTP requests with connect-src
  9. Fetch Directives and the default-src
  10. Navigation Directives
  11. Strict CSP using strict-dynamic
  12. Document Directives
  13. Reporting

The above CSP training class outline is tentative and subject to change.

CSP Developer Field Guide

CSP Developer Field Guide

Want to learn the ins and outs CSP? Grab a copy of the CSP Developer Field Guide. It's a short and sweet guide to help developers get up to speed quickly.

Grab a Copy

Struggling to stay on top of security advisories?

Advisory Week is a weekly roundup of all the security advisories published by the major software vendors.