News

Dutch Ministry of Economic Affairs donates 0.5 million to "Internet Hardening Fund" 2016/12/16

Vietsch Foundation and NLnet cooperate in internet R&D for research and education 2016/09/28

Third edition of 'Holland Strikes Back' 2016/09/01

RPKI-RTRlib contributes to secure interdomain routing 2016/02/15

 

NoScriptABE

[NoScript ABE-component -- concluded on 2009/10/01]

NoScript is a popular (over two millions active users) add-on extending the Firefox open source web browser and other products based on the Mozilla Gecko engine. NoScript increases web client security by applying a Default Deny policy to JavaScript, Java, Flash, and other active content. It provides users with an one-click interface to easily whitelist sites they trust for active content execution.

The Application Boundaries Enforcer (ABE) module will attempt to harden the web application oriented protections already provided by NoScript with a firewall-like component running inside the browser.

This project is specifically focused on developing a new web browser component called ABE, aimed to mitigate or defeat Cross Site Request Forgery (CSRF) attacks against sensitive web applications. This component will be built on the existing request interception, tracing and blocking framework of NoScript, and it will be integrated in NoScript's broader web security infrastructure, together with whitelist-based scripting, active content execution policies, anti-XSS filters, ClearClick anti-ClickJacking protection and HTTPS/Secure Cookies enhancements. After a working ABE implementation as a NoScript component gets completed, a refactoring and repackaging activity to deploy it as a separate “ABE Firefox Add-On” will be done.

Calls

Send in your ideas.
Deadline April 1st, 2017.

   
Last update: 2008/11/09