top button
Flag Notify
    Connect to us
      Facebook Login
      Site Registration Why to Join

    Get Free Article Updates

Facebook Login
Site Registration
Print Preview

Discuss About Content Security Policy?

+2 votes

What is Content Security Policy?

Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware.

The Content-Security-Policy meta-tag allows you to reduce the risk of XSS attacks by allowing you to define where resources can be loaded from, preventing browsers from loading data from any other locations. This makes it harder for an attacker to inject malicious code to your site.

Configuring Content Security Policy involves adding the Content-Security-Policy HTTP header to a web page and giving it values to control resources the user agent is allowed to load for that page. 

For example, a page that uploads and displays images could allow images from anywhere, but restrict a form action to a specific endpoint. A properly designed Content Security Policy helps protect a page against a cross site scripting attack. 

Content-Security-Policy: <policy-directive>; <policy-directive>

Fetch Directives 
Fetch directives control locations from which certain resource types may be loaded.

Directive Lists

  • child-src
  • connect-src
  • default-src
  • font-src
  • frame-src
  • img-src
  • manifest-src
  • media-src
  • object-src
  • script-src
  • style-src
  • worker-src

Video for Content Security Policy

posted Jan 9 by Manish Tiwari

  Promote This Article
Facebook Share Button Twitter Share Button Google+ Share Button LinkedIn Share Button Multiple Social Share Button

Related Articles

What is Framework 7?

Framework7 is a free and open source mobile HTML framework to develop hybrid mobile apps or web apps with iOS & Android native look and feel. It is also an indispensable prototyping apps tool to show working app prototype as soon as possible in case you need to.

The main approach of the Framework7 is to give you an opportunity to create iOS & Android apps with HTML, CSS and JavaScript easily and clear. Framework7 is full of freedom. It doesn't limit your imagination or offer ways of any solutions somehow. Framework7 gives you freedom!

Framework7 is not compatible with all platforms. It is focused only on iOS and Google Material design to bring the best experience and simplicity.

Framework7 is definitely for you if you decide to build iOS or Android hybrid app (PhoneGap) or web app that looks like and feels as great native iOS and Google Material apps.


  • Native Scrolling
  • Library Agnostic
  • High-performance Animation
  • Multiple Views (Split View)
  • Clear JS API
  • Pages Animation
  • XHR + Caching + History + Preloading
  • Dom7 - Custom Dom Library

One of Framework7' killing feature is supporting of iOS well known swipe back gesture from left border of screen when you want to get to the previous page. It simply works, and works perfectly as you expect it to do. 

Video for Framework 7


What is Qunit?

QUnit is a powerful, easy-to-use, JavaScript unit testing framework. It's used by the jQuery project to test its code and plugins but is capable of testing any generic JavaScript code (and even capable of testing JavaScript code on the server-side).

Node Install

npm install -g qunitjs

Main Methods:

  • module
  • only
  • skip
  • start
  • test
  • todo


QUnit.module( "group a" );
QUnit.test( "a basic test example", function( assert ) {
  assert.ok( true, "this test is fine" );
QUnit.test( "a basic test example 2", function( assert ) {
  assert.ok( true, "this test is fine" );

QUnit.module( "group b" );
QUnit.test( "a basic test example 3", function( assert ) {
  assert.ok( true, "this test is fine" );
QUnit.test( "a basic test example 4", function( assert ) {
  assert.ok( true, "this test is fine" );

All tests inside a module callback function will be grouped into that module. The test names will all be preceded by the module name in the test results. Other modules can be nested inside this callback function, where their tests’ names will be labeled by their names recursively prefixed by their parent modules.

Video for Qunit


What is Angular App Exception Handling?

The AngularJS $exceptionHandler service allows you to catch and handle unanticipated JavaScript errors in a meaningful way.

app.factory('$exceptionHandler',function($log,ErrorService) {
    return function(exception,cause) {
        if(console) {

Any uncaught exception in angular expressions is delegated to this service. The default implementation simply delegates to $log.error which logs it into the browser console. In unit tests, if angular-mocks.js is loaded, this service is overridden by mock $exceptionHandler which aids in testing.

$exceptionHandler is very useful for sending errors to third party error logging services or helpdesk applications. Errors trapped inside of event callbacks are not propagated to this handler, but can manually be relayed to this handler by calling $exceptionHandler(e) from within a try catch block.

Video Tutorial for handling Exception Handling


A provider is the most sophisticated method of all the providers. It allows you to have a complex creation function and configuration options. A provider is actually a configurable factory.

var app = angular.module('myModule',[]);

app.provider("myProvider", function() {
    this.value = "My Value";

    this.setValue = function(newValue) {
        this.value = newValue;

    this.$get = function() {
        return this.value;

app.config(function(myProviderProvider) { // ADDED config section
    // Note the extra "Provider" suffix
    myProviderProvider.setValue("New Value");


A service is an injectable constructor. If you want you can specify the dependencies that you need in the function. A service is a singleton and will only be created once by AngularJS. 

app.service("myProvider", function() { 
    this.getValue = function() {
        return "My Value";


A factory is an injectable function. A factory is a lot like a service in the sense that it is a singleton and dependencies can be specified in the function. The difference between a factory and a service is that a factory injects a plain function so AngularJS will call the function and a service injects a constructor.

app.factory("myProvider", function() { 
    return "My Value";

A value is nothing more than a simple injectable value. The value can be a string, number but also a function.

var app = angular.module('myModule',[]);

app.value("Value1", "First Value");
app.value("Value2", "Second  Value");


A constant can be injected everywhere. The value of a constant can never be changed.

var app = angular.module('myModule',[]);

app.constant("Constant1", "First Constant Value");
app.constant("Constant2", "Second Constant Value");

Video Tutorial


Evolution of XML

In order to address the issues raised by earlier markup languages, the Extensible Markup Language (XML) was created XML is a W3C recommendation.

XML is a set of rules for defining semantic tags that break a document into parts and identify the different parts of the document. XML was developed over HTML because of the basic differences between them.



HTML was designed to display data.

XML was designed to carry data.

HTML displays data and focuses on how data looks.

XML describes data and focuses on what data is.

HTML displays information.

XML describes information.

                                  FIG: Difference between HTML and XML

An XML code:

<?xml version=”1.0” encoding=”iso-8859-1”?>




    <description> A bright brown fox jumps over the lazy dog</description>



Features of XML

Features of XML are as follows:

  • XML stands for Extensible Markup Language

  • XML is a markup language much like HTML

  • XML was designed to describe data

  • XML tags are not predefined. You must define your own tags

  • XML uses a DTD or an XML Schema to describe the data

  • XML with a DTD or XML Schema is designed to be self-descriptive

XML Markup

XML markup defines the physical and logical layout of the document. XML can be considered as an information container. It contains shapes labels. Structures and also protects information. XML employs a tree-based structure to represent a document. The basic foundation of XML is laid down by symbols embedded in the text known as markup. The markup combines the text and extra information about the text such as its structure and presentation. The markup divides the information into a hierarchy of character data and container-like elements and its attributes. A number of software programs process electronic documents use a markup.

XML’s markup divides a document into separate information containers calld elements. A document consists of one outermost element called root element that contains all the other elements. Plus some optional administrative information at the top. Known as XML declaration. Following code demonstrates the elements.

Code Snippet:

<?xml version=”1.0” encoding=”iso-8859-1” ?>




      <Description>Red in color</Description>




<Name>, <Price>, <Description> and <Number> inside the tags are elements.

<FlowerPlanet> and </FlowerPlanet> are the root elements.

The usage of XML can be observed in many real-life scenarios. It can be used in the fields of information sharing, single application usage, content delivery, re-use of data, separation of data and presentation, semantics, and so forth. News agencies are a common place where XML is used. News producers and news consumers often use a standard specification name XMLNews to produce, retrieve, and relay information across different systems in the world.

Note: XML is a subset of SGML, with the same goals, but with as much of the complexity eliminated as possible. This means that any document which follows XML’s syntax rules will also follow SGML’s syntax rules, and can therefore be read by existing SGML tools.

Contact Us
+91 9880187415
#280, 3rd floor, 5th Main
6th Sector, HSR Layout
Karnataka INDIA.