Locking down your JavaScript: positive blocking with Page Shield policies
Cloudflare introduced Page Shield, an advanced security feature that prevents malicious JavaScript from running on websites and protects against data theft. The technology aims to provide a positive security model by blocking untrusted scripts without impacting vetted tools. Page Shield leverages Content Security Policies (CSPs) to enforce where JavaScript files are allowed to be loaded from, thus reducing the attack surface available for potential exploits. The feature also supports the connect-src directive, which ensures browsers only send data to specified destinations. Source: https://cloudflare.com/products/page-shield/ TAGS: security, cloudflare, web development, content security policies
Company
Cloudflare
Date published
March 13, 2023
Author(s)
Michael Tremante
Word count
1422
Language
English
Hacker News points
None found.