advice Question

Is Content Security Policy (CSP) Isolation possible?

Avatar of 894359
894359Flag for United States of America asked on
JavaScriptWeb DevelopmentSecurity
2 Comments1 Solution22 ViewsLast Modified:

Here is the CSP problem, I provide a JavaScript include that over 20 different web apps include in the head of their documents. It is for analytics tracking. I want to set a CSP by updating the DOM with a script-src meta tag which only applies to my code and the external JavaScripts it calls, not the whole web-app. Is that possible or will my CSP meta tag apply to any external scripts the web app loads? Is there anyway to achieve this?

Thanks!

ASKER CERTIFIED SOLUTION
894359

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 1 Answer and 2 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 2 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros