#content-security-policy tag

jQuery Releases v4: First Major Version in Almost 10 Years

jQuery 4 modernizes the library by removing legacy code, dropping old browser support, migrating to ES modules, and improving security and performance.

fromSearch Engine Roundtable

3 weeks ago

Google Says Don't Spend Too Much Time On Redirects Analysis For SEO

There are a bunch of browser extensions that do this already (eg Redirect Path from Ayima is one I see a lot in screenshots, and CSP is very different from redirects, so I don't understand the connection). I don't recall a time when I ran into something like this causing SEO issues which weren't also visible to average users in their browsers.

Web development

fromInfoQ

1 month ago

Django Releases Version 6.0 with Built-In Background Tasks and Native CSP Support

Django, the Python web framework, has released Django 6.0, delivering a collection of developer-focused features, security enhancements, and performance improvements aimed at modernizing web application development. Django 6.0 introduces several major features, including a built-in background tasks framework, native Content Security Policy support, template partials for component-based development, and adoption of Python's modern email API. The release also includes support for Python 3.12, 3.13, and 3.14, while dropping support for Python 3.10 and 3.11.

Web frameworks

#entra-id

fromThe Hacker News

3 months ago

Information security

Microsoft to Block Unauthorized Scripts in Entra ID Logins with 2026 CSP Update

Entra ID sign-ins will restrict scripts to trusted Microsoft domains via updated CSP, blocking injected code and preventing XSS starting October 2026.

fromTechzine Global

3 months ago

Information security

Microsoft Entra protects against script injection attacks

Microsoft will enforce a Content Security Policy for Entra ID sign-ins in October 2026, blocking injected scripts and requiring alternatives to code-injecting extensions.

fromThe Hacker News

3 months ago