Content Security Policy
Last updated on
Implementing CSP at the edge enhances security by dynamically generating and injecting nonces into CSP headers and HTML source code. This reduces the risk of XSS and data injection attacks without overloading the application server, providing a more secure and efficient content delivery process.
Loading...https://www.edgecompute.live/csp
Copied to clipboard!
A Content Security Policy (CSP) is a security feature implemented in web browsers to protect websites and web applications from attacks such as cross-site scripting (XSS) and data injection. CSP controls and limits the source of various types of content loaded and executed on a web page, including scripts, stylesheets, and images. EdgeWorkers provides numerous performance benefits for CSPs, which need to complement the security measures on the application server-side.
Ease Development
Enable developers to modify application behavior without touching origin server logic.
Enhance Security
Enable security features at the edge, preventing bad requests from reaching your origin server
Related Examples
View More
JA3 Fingerprinting
Calculates JA3 Fingerprint using EdgeWorkers. TLS fingerprinting is a technique that associates a TLS library with parameters from a TLS ClientHello via a database of curated fingerprints to identify malware and vulnerable applications for better network visibility. The JA3 algorithm takes a collection of settings from the SSL “ClientHello” such as SSL/TLS version, accepted cipher suites, list of extensions, accepted elliptical curves/formats, and others. For compactness, the JA3 string is hashed with MD5. This EdgeWorker calculates JA3 Fingerprint to help customers deny requests from services with suspicious JA3 Fingerprints and credentials, without contacting origin servers even on cacheable contents.
