Results 1 to 2 of 2

Thread: What is a good way to do HTTP filtering (on any browser)?

  1. #1
    Join Date
    Feb 2006

    What is a good way to do HTTP filtering (on any browser)?

    What is the best way to content-filter incoming HTTP pages (responses), before displayed by browser? One solution is a (transparent) proxy. Is there a better solution (less intrusive, easier to develop, install and maintain)? In particular, can this be done as FireFox extension?

    Our motivation: malicious content attack are often via web pages loaded into the browser. For example, a page may include malicious script, either from a rogue site or due to reflection XSS attack. We work on a mechanism to block such attacks; this will be a kind of `browser firewall`, with advanced protection capabilities against malware (including XSS), phishing and spoofed web sites. This is part of our plans for next generation of TrustBar, a FireFox extension we made, that allows users to identify trusted web pages, either by a name/logo assigned by the user (petname/petlogo), or by displaying details of the site owner as identified in the SSL/TLS public key certificate, e.g. PayPal Identified by VeriSign. BTW, the last feature was apparently adopted into IEv7.

    Notice: many FireFox extensions block objects based on their URL (e.g. AdBlock, NoScript). But we want/need content filtering...

  2. #2
    Join Date
    Nov 2002
    Baltimore, Maryland
    Just disable the scripting.
    “The power of the Web is in its universality. Access by everyone regardless of disability is an essential aspect.”
    —Tim Berners-Lee, W3C Director and inventor of the World Wide Web

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
HTML5 Development Center