Content Security Policy Bypass: Exploiting Misconfigurations

Content Security Policy (CSP) is designed to help mitigate content injection attacks such as XSS. While it can be helpful as a part of a defense-in-depth strategy, misconfigurations may be bypassed, especially when used as a sole defensive mechanism. Content Security Policy configurations can be very complex, leaving gaps in coverage when utilizing older or larger web applications. Bypassing Content Security Policy misconfigurations can often be trivial in a complex application. This research analyzes how CSP works as well as bypass techniques and methodologies to help exploit policy misconfigurations.