Google Online Security Blog: Reject the Unexpected - Content Security Policy in Gmail

Security Blog

The latest news and insights from Google on security and safety on the Internet

Reject the Unexpected - Content Security Policy in Gmail

December 16, 2014

Posted by Danesh Irani, Software Engineer, Gmail Security(Cross-posted from the Gmail Blog)serving images through secure proxy serversrequiring HTTPSthe Chrome Web StoreGoogle Security CenterThis post was updated on December 18th to add a description of the XSS defense benefit of CSP, and to more precisely define the interaction with extensions.

No comments :

Labels

Archive

2024
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2023
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2022
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2021
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2020
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2019
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2018
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2017
- Dec
- Nov
- Oct
- Sep
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2016
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2015
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2014
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- Apr
- Mar
- Feb
- Jan

2013
- Dec
- Nov
- Oct
- Aug
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2012
- Dec
- Sep
- Aug
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2011
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb

2010
- Nov
- Oct
- Sep
- Aug
- Jul
- May
- Apr
- Mar

2009
- Nov
- Oct
- Aug
- Jul
- Jun
- Mar

2008
- Dec
- Nov
- Oct
- Aug
- Jul
- May
- Feb

2007
- Nov
- Oct
- Sep
- Jul
- Jun
- May

Feed

Give us feedback in our Product Forums.

Google
Privacy
Terms