How does Content Security Policy (CSP) help in preventing XSS attacks, and what are its limitations?
- CSP restricts the usage of third-party libraries
- CSP blocks all JavaScript execution
- CSP defines rules for resource loading and script execution
- CSP is ineffective against XSS attacks
Content Security Policy (CSP) helps prevent Cross-Site Scripting (XSS) attacks by defining rules for resource loading and script execution in web applications. It can restrict the sources from which scripts can be executed, mitigating the risk of malicious script injection. However, CSP has limitations, such as its inability to prevent all forms of XSS attacks, the need for careful configuration, and potential compatibility issues with legacy code.
Loading...
Related Quiz
- In Express.js, to skip the remaining route callbacks and pass control to the next middleware function, you can call the ______ function.
- Which of the following accurately describes Non-Blocking I/O in Node.js?
- What happens when an error is thrown inside an async function and it is not caught within the function?
- What is the role of the error-handling middleware when dealing with unhandled promise rejections in Express?
- When destructuring arrays, using the rest operator will result in a new array containing the ______ elements.