Web extension that appends a Content Security Policy to websites without one preventing XSS from client side
WHY I CREATED THIS PROJECT
I created this project when i noticed that their was no client-side way to prevent annoying cross-site-scripting(XSS),clickjacking, and other envasive things that ruin a persons browsing experience. I had learned of the CSP (content security policy) earlier and thought it was a great system with one major flaw; it was completely server-side, requiring a webdeveloper to add it to thier site. i began to see that only very large websites were making use of this tool, and smaller ones were not. This is truly ashame as it only requires one line to be added to the site to work
PROJECT Goals
- prevent XSS and Clickjacking on even sites with poor ratings
- provide user with controls that will determine what to block and not to block.