Safely work from home with open source 2020/03/30

NGI0 grant for Software Heritage 2020/03/26

Hackers donate 90% of profit to charity 2019/06/13

NGI Zero awarded two EC research and innovation actions 2018/12/01

EC publishes study on Next Generation Internet 2025 2018/10/05



[NoScript ABE-component -- concluded on 2009/10/01]

NoScript is a popular (over two millions active users) add-on extending the Firefox open source web browser and other products based on the Mozilla Gecko engine. NoScript increases web client security by applying a Default Deny policy to JavaScript, Java, Flash, and other active content. It provides users with an one-click interface to easily whitelist sites they trust for active content execution.

The Application Boundaries Enforcer (ABE) module will attempt to harden the web application oriented protections already provided by NoScript with a firewall-like component running inside the browser.

This project is specifically focused on developing a new web browser component called ABE, aimed to mitigate or defeat Cross Site Request Forgery (CSRF) attacks against sensitive web applications. This component will be built on the existing request interception, tracing and blocking framework of NoScript, and it will be integrated in NoScript's broader web security infrastructure, together with whitelist-based scripting, active content execution policies, anti-XSS filters, ClearClick anti-ClickJacking protection and HTTPS/Secure Cookies enhancements. After a working ABE implementation as a NoScript component gets completed, a refactoring and repackaging activity to deploy it as a separate “ABE Firefox Add-On” will be done.


Send in your ideas.
Deadline June 1st, 2020.


Last update: 2008/11/09