Which security mechanism helps mitigate XSS by restricting sources of executable scripts in the browser?


Multiple Choice

Which security mechanism helps mitigate XSS by restricting sources of executable scripts in the browser?

Explanation:
Content Security Policy (CSP) restricts where the browser may load and execute scripts. By publishing a policy that only allows scripts from trusted sources and, for inline scripts, requires a matching nonce or hash, the browser blocks anything that isn’t explicitly allowed. This directly reduces the risk of XSS: even if an attacker injects script into a page, that script won’t run unless it comes from an approved source or satisfies the allowed inline-script conditions. Rate limiting doesn’t change which scripts the browser will execute. SQL injection sanitizers target server-side database queries, not browser script execution. Anti-virus scanning looks for malware on a system; it does not enforce script-source rules in a web page.

