Posted 7 years ago

Note: nothing bad has happened to make me tighten security! This is just part of regular background work improving the site. I like to stay ahead of the curve.

I’ve just turned on a security system known as a content security policy (CSP).

CSP is a powerful measure. A strict policy blocks resources from being loaded unless they are on a whitelist. This is a nearly bulletproof defence against many common web attacks.

However, this means that it’s possible to break your own website with CSP — you can end up blocking your own stuff from loading! So if anything seems broken, please do tell me about it!

With this update, the Badminton Bible is probably more secure than your bank’s website.