Implement Content Security Policy (CSP)

privly / privly-firefox

Official Privly Browser Extension for Firefox - Allows for Viewing and Posting Content on Any Website Without the Host Site Having Access

https://priv.ly

MIT License

21 stars 15 forks source link

Implement Content Security Policy (CSP) #34

Closed smcgregor closed 9 years ago

smcgregor commented 10 years ago

Content Security Policy mitigates a large number of potential vulnerabilities. The Chrome extension implements it by default, but implementation on Firefox will not be native until this bug is closed. Until Mozilla implements it natively, we can add a module that will enforce it. See SO.

smcgregor commented 9 years ago

They are building this as a module for Jetpack. See #38.

smcgregor commented 9 years ago

I downgraded this since the next major release will automatically roll this in with the architecture change.

smcgregor commented 9 years ago

Privly-Jetpack is replacing this old Xul version. See the new version nearing completion here.

(closing all outstanding issues on this repository since it is now deprecated)