Site Translator – Don Tai (Canada) Blog

Content Security Policy on WordPress

Reading, I was, about a web site security tool from Mozilla, so I had to try it. My site, the one you are on now, rated “D-“. It was no consolation that most sites rate “F”. Within the rating there was this criteria called “Content Security Policy” (CSP) that tweaked my interest.

Content Security Policy: Purpose
A CSP is a policy that you put into the head section of your page that whitelists all the sites that contribute to your page. If someone tries to add something to your page’s content but is not on you CSP, your browser will not load it. This stops a nasty infection of something called “cross site scripting” or XSS.

This is a preview of Content Security Policy on WordPress. Read the full post (875 words, 5 images, estimated 3:30 mins reading time)