...
Code Block |
---|
Content-Security-Policy: default-src 'self'; script-src 'self' static.domain.tld |
...
Learn More:
https://www.owasp.org/index.php/Authentication_Cheat_Sheet
https://technicalmumbojumbo.wordpress.com/2013/05/22/owasp-esapi-authenticator-tutorial/
...
- OWASP Authentication Cheat Sheet
- OWASP Forgot Password Cheat Sheet
- OWASP Session Management Cheat Sheet
- ESAPI Authenticator API and Tutorial
- ESAPI User API
- OWASP Development Guide: Chapter on Authentication
- OWASP Testing Guide: Chapter on Authentication
- Content Security Policy
- SANS/CWE CWE Entry 287 on Improper Authentication