Content Security Policy

Type: mitigation

Description: A defense mechanism that helps protect against web browsing tools and markdown rendering for data exfiltration. When a user asks the AI system to access a URL, it will only access it if the URL is from a limited set of trusted domains.

Version: 0.1.0

Created At: 2024-10-03 22:24:49 +0300

Last Modified At: 2024-10-03 22:24:49 +0300

External References

Bing Chat: Data Exfiltration Exploit Explained, Embrace The Red

--> Microsoft Copilot (platform): Microsoft Copilot can render URLs and links if they fall under these trusted domains:

th.bing.com
www.bing.com
edgeservices.bing.com
r.bing.com

<-- Image Rendering (technique): Setting a Content Security Policy can mitigate this technique by disrupting an attacker's ability to provide a URL to a domain under their control.
<-- Clickable Link Rendering (technique): Setting a Content Security Policy can mitigate this technique by disrupting an attacker's ability to provide a URL to a domain under their control.

GenAI Attacks Matrix

Content Security Policy

External References

Related Objects

Related Frameworks