Free Post Report URI Increasing entropy in our CSP nonces I've talked many times about CSP and CSP nonces, the easy way to control JavaScript on your page, but someone recently pointed out an area we could improve. Report URI...
Free Post CSP PCI DSS 4.0; It's time to get serious on Magecart The latest version of PCI DSS just dropped and it's really awesome to see that one of the most notorious threats that we face online when it comes to payment...
Free Post Crawler Report Top 1 Million Analysis - November 2021 Wow! It's been quite a while since I've had time to do my regular analysis of security in the Top 1 Million site, but it's happening again! As it's been...
Free Post Report URI Report URI is now using CSP nonces in an enforced policy Hurrah! Sometimes it takes a little while for projects to make it through your backlog and into production, but the nonce-based policy for CSP on Report URI can now be...
Free Post CSP I turned on CSP and all I got was this crappy lawsuit! Yes, you did read that right. It turns out that enabling CSP on your website, specifically CSP nonces, is enough for you to get threatening letters about patent infringement! I've...
Free Post Report URI Report URI Penetration Test In line with our constant desire to improve and offer the best service we can, Report URI recently went through an independent penetration test as many other companies and organisations...
Free Post Security Headers Top 1 Million Analysis - March 2020 It's time for another 6 month update on the state of security online that's a little late! This is the second report using the new data source that was announced...
Free Post Report URI Deprecating XSS Reports A lot has changed in the browser landscape recently and we've seen all of the mainstream browsers move away from running their own XSS Auditor or XSS Filter. Given this...
Free Post tls Big HTTPS changes coming in Chrome Chrome has certainly been one of the main contributors towards the recent push to HTTPS online and without their contribution, I do find myself wondering how much progress would have...
Free Post crawl Top 1 Million Analysis - September 2019 Yes, it's that time of year again and the last 6+ months have flown by. Time for a look at the state of security in the Top 1 Million sites...
