Mozilla has opened comments for an new experimental browser security policy, dubbed Site Security Policy (SSP), designed to protect against XSS, CSRF, and malware-laced IFRAME attacks which infected over 1.5 million pages Web earlier this year. Security experts and developers are excited because SSP extends control over Web 2.0 applications that allow users to upload/include potentially harmful HTML/JavaScript such as on iGoogle, eBay Auction Listings, Roxer Pages, Windows Live, MySpace / Facebook Widgets, and so on. Banner ads from CDNs have had similar problems with JavaScript malware on social networks. The prototype Firefox SSP add-on aims to provide website owners with granular control over what the third-party content they include is allowed to do and where its supposed to originate. No word if Internet Explorer or Opera will support the initiative.
Read »Slashdot | Mozilla Experiments With Site Security Policy
http://it.slashdot.org –
Category: Mozilla Experimental Tags:
- Login or register to post comments
- report spam
User login
Recent blog posts
Active forum topics
Recent comments
- I'm definitely pro-GoogleKenSaunders
- if you liked stumbleroberto
- emergency medical serviceFoxiewire
- Everyone is going medicalundoIT
- unfortunately notFoxiewire
Tags
Spot the Fox! Photo Galleries
Submit Photos - View Galleries
Recent statistics
Foxiewire 12230 members
Foxiewire Add-on
Total Downloads 5,241
View Foxiewire Statistics
Shareaholic
346,848 total downloads
Get the Add-ons
Best published scoops - Mozilla Experimental
Best karma users
- graphicsguru
- jan
- LouCypher
- firefoxfacts
- passiton
- headlines
- mozilladaily
- talkmozilla
- MozillaSuite
- AMO
Categories
Poll
