Firefox's Future Content Security Policy

It appears that Firefox will gain some much-needed Content Security Policy (CSP) that will help defend against XSS attacks, Clickjacking, and packet sniffing.

I'm not sure when CSP will be implemented, but so far the specs look pretty good. And, Web site operators and administrators will want to become aware of how this technology works so as to make sure their Web pages take full advantage of it - particular in instances where users can provide input via the Web (e.g. comments, contact forms, order forms, etc).

You can read up on Content Security Policy right now over at Mozilla's Web site

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish