All the latest UK technology news, reviews and analysis

Mozilla pushes trial of new security tool

by Shaun Nichols

02 Oct 2009

Be the first to comment

  • Tweet this
Firefox
Mozilla wants researchers to test a new Firefox security tool

Mozilla is asking researchers and developers to help test a new security tool for its Firefox web browser.

The company has posted a preview build for Content Security Policy (CSP), and is hoping that webmasters and security experts will try out the tool.

Further reading

CSP is designed to prevent pages from being infected with third-party attacks, such as cross-site scripting, by allowing webmasters and site developers to place restrictions on how outside sites can access and interact with the page.

Brandon Sterne, security programme manager at Mozilla, explained that, after several months of development and testing behind closed doors, the company is now bundling the tool with preview versions of Firefox so that researchers can put CSP to the test against possible real-world attacks.

"We are thrilled to have received so much great feedback from other browser vendors, web site administrators, and security researchers, and we are very proud of the design that has come out of that discussion," Sterne explained in a blog post.

"We would like to encourage any server administrators or web app security researchers who are interested in this project to grab a preview Firefox build and help us test the new features."

End users should not expect CSP to be a polished and complete component. The tool is still in a trial phase, and certain features and protections are not yet fully implemented.

Do you agree?

Add your comment
 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.
Submit your comment

Latest stories from Developer

YouTube logo

Youtube chief blames HTML5's slow adoption on cost and fragmentation

Related white papers

Related videos

Related articles

Related jobs

Today's top stories

Cloud computing use is a major government IT strategy

Government departments face possibility of open source 'spot checks'

Samsung Galaxy S III running Android Ice Cream Sandwich

Samsung Galaxy S3 launch fails to attract iPhone-like crowds

hurricane-irene

American Express predicts online hurricane to blow big business away

Poll

Flame virus poll

Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?

30%

2%

14%

54%

Features

The V3 hotseat

The V3 Hot Seat: Imperva CTO and co-founder Amichai Shulman

Flame in monitor screen

Quick guide to Flame malware attack

cookies

Quick guide to cookie law compliance

cookie

ICO sends out mixed messages on cookie law

More features

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Case studies and reports

Riso

Colour printing: why the bill keeps outstripping the budget

The wrong printers, for the wrong tasks on the wrong contracts

Qlikview

Magic quadrant for business intelligence platforms

Who leads the BI pack and who should we be watching out for?

Technology jobs

Senior Technical Consultant (Microsoft)- ATS

Opportunity to join a rapidly expanding Microsoft Consultancy...

Technical Architect -UC/Video Conferencing/VAAS

Technical Architect - UC/Video Conferencing/VAAS Inspire...

SQL Developer - MS SQL .NET

A busy organisation in Glasgow is looking for a skilled...

Test Analyst, Python, Automation, London

Test, Python, Shell, Automation, Manual My client...

To send to more than one email address, simply separate each address with a comma.