Changes

! Comments

|-

| Currently, a website can decide to mitigate attacks on their pages and their usersm attack by defining and implementing a Content Security Policy. However, users have no way of protecting themselves in cases where their favorite websites aren't using CSP. This project is to develop a firefox add-on that allows users to specify Content Security Policies for sites (i.e. don't ever iframe my bank website, don't allow inline script on my blog, etc). If time allows, the add-on could also monitor websites the user visits frequently to determine a default CSP policy for each site. Give the user the option to apply that policy to the website and potentially protect themselves from future exploits on the site caused by current or future vulnerabilities.

| Tanvi