canmove, Confirmed users
285
edits
Community:SummerOfCode13:Brainstorming: Difference between revisions
Jump to navigation
Jump to search
Community:SummerOfCode13:Brainstorming (view source)
Revision as of 19:50, 29 March 2013
, 29 March 2013no edit summary
No edit summary |
|||
| Line 382: | Line 382: | ||
! Mentor(s) | ! Mentor(s) | ||
! Comments | ! Comments | ||
|- | |||
| Security Report | |||
| It can be tricky for a developer to cover all their bases when it comes to security. Moreover, information about the security of a website can be difficult for advanced users to find without searching through multiple data sources in the browser (error console, cookie manager, certificate manager, etc.) This project is to build a firefox addon that reports all of this data in one place. Developers can then view the report for their websites or pre-production pages and quickly identify their security issues. Advanced users can quickly learn about a websites security before deciding whether or not they want to enter sensitive information on the page. | |||
Here are some examples of what the security report could include: | |||
* information about network requests that have been blocked by the browser for security reasons (e.g. mixed content, CSP, CORS) | |||
* information about the cookies on the site (are they marked secure, do they have the httponly attribute?) | |||
* security related headers (have STS / CSP headers been set?) | |||
* SSL information (is the websites ssl certficate about to expire? | |||
| JavaScript, Add-on SDK, some platform knowledge. | |||
| mgoodwin, tanvi | |||
| mgoodwin, tanvi | |||
|- | |||
|} | |} | ||