To try the thousands of add-ons available here, download Mozilla Firefox, a fast, free way to surf the Web!Close
Welcome to Firefox Add-ons.
Choose from thousands of extra features and styles to make Firefox your own.Close
The goal of this project is to allow savvy users to be able to voluntarily specify their own Content Security Policy (CSP) for websites that may not have implemented CSP.
About this Add-on
The addon provides a GUI tool for the user that includes the twelve Firefox CSP directives, each listed in separate tabs (ex: default-src, imgsrc, scriptsrc, framesrc, report-uri, etc). The user uses this tool to specify CSP policies for websites. When the response of a web page is received by the browser, the addon will check whether the user has specified CSP policy for it. If so, it will apply the user's policy the same way it would have specified a policy set by the website.
By-default CSP doesn't allow inline scripts and eval, which are used by almost all website. Therefore to use CSP policy, websites requires to change their code. The requirement of this change is hindering the adaptation of CSP by web applications (websites). However, there are savvy users who prefer security over usability. In addition, web sites developers need a tool to test different CSP rules for their website to secure their users and achieve usability. The "userCSP" add-on we developed addresses these issues.
The "userCSP" add-on allows savvy users to specify CSP to particular websites or to specify general CSP rules that is enforced on each and every website a user visits. Moreover, it allows website developers to try different CSP rules to adapt the best suited CSP policy for their website.
Removed all "innerHTML" method usage in the extension.