CSP-Bypass

A Burp Plugin for Detecting Weaknesses in Content Security Policies

Results 3 CSP-Bypass issues

While using this library in another project I noticed it throws a `ValueError` when a CSP makes use of the `xhr-src` directive. According to [MDN](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/connect-src): > Prior to Firefox 23,...

Hi, I noticed that some CSP directives reported by this extender are obsolete, and are reported by your tool. Is it possible to update this extender accordingly? - 'referrer': https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/referrer...

enhancement

Hi Joe, This is a simple notification to let you know that I have built a [very similar extension](https://github.com/GoSecure/csp-auditor/). Both have passive rules to analyze CSP header(s). I initially start...

enhancement