{"version":"1.0","provider_name":"Cloudkul","provider_url":"https:\/\/cloudkul.com\/blog","author_name":"Amit Yadav","author_url":"https:\/\/cloudkul.com\/blog\/author\/amit-yadav411\/","title":"Magento 2 csp: Magento content security policy - Cloudkul","type":"rich","width":600,"height":338,"html":"<blockquote class=\"wp-embedded-content\" data-secret=\"IyJq0lpoFO\"><a href=\"https:\/\/cloudkul.com\/blog\/magento-2-csp-magento-content-security-policy\/\">Magento 2 csp: Magento content security policy<\/a><\/blockquote><iframe sandbox=\"allow-scripts\" security=\"restricted\" src=\"https:\/\/cloudkul.com\/blog\/magento-2-csp-magento-content-security-policy\/embed\/#?secret=IyJq0lpoFO\" width=\"600\" height=\"338\" title=\"&#8220;Magento 2 csp: Magento content security policy&#8221; &#8212; Cloudkul\" data-secret=\"IyJq0lpoFO\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\" class=\"wp-embedded-content\"><\/iframe><script type=\"text\/javascript\">\n\/* <![CDATA[ *\/\n\/*! This file is auto-generated *\/\n!function(d,l){\"use strict\";l.querySelector&&d.addEventListener&&\"undefined\"!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!\/[^a-zA-Z0-9]\/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll('iframe[data-secret=\"'+t.secret+'\"]'),o=l.querySelectorAll('blockquote[data-secret=\"'+t.secret+'\"]'),c=new RegExp(\"^https?:$\",\"i\"),i=0;i<o.length;i++)o[i].style.display=\"none\";for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute(\"style\"),\"height\"===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):\"link\"===t.message&&(r=new URL(s.getAttribute(\"src\")),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener(\"message\",d.wp.receiveEmbedMessage,!1),l.addEventListener(\"DOMContentLoaded\",function(){for(var e,t,s=l.querySelectorAll(\"iframe.wp-embedded-content\"),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute(\"data-secret\"))||(t=Math.random().toString(36).substring(2,12),e.src+=\"#?secret=\"+t,e.setAttribute(\"data-secret\",t)),e.contentWindow.postMessage({message:\"ready\",secret:t},\"*\")},!1)))}(window,document);\n\/* ]]> *\/\n<\/script>\n","description":"Content security policy is playing a powerful role in detection, mitigation and is a proven extra layer of defense for attacks like cross site scripting, credential thefts, session hijacking, as well as in preventing any script, resources to load on store that doesn\u2019t belongs to the trusted origins."}