RequestPolicy is an extension for Mozilla browsers that improves the privacy and security of your browsing by giving you control over when cross-site requests are allowed by webpages you visit.
requestpolicy is an extension for mozilla browsers that improves the privacy and security of your browsing by giving you control over when crosssite requests are allowed by webpages you visit. it is the first comprehensive clientside protection against csrf attacks and the first tool to enable the use of modern browsers without crosssite information leakage.
improve the privacy of your browsing by not letting other sites know your browsing habits. secure yourself from crosssite request forgery (csrf), clickjacking, and other attacks.
crosssite requests are requests that your browser is told to make by a website you are visiting to a completely different website. though usually legitimate requests, they often result in advertising companies and other websites knowing your browsing habits, including specific pages you view throughout the day. among the attacks that crosssite requests are used in, they are particularly dangerous with crosssite request forgery (csrf) attacks where your browser is told to make a request to another website and that other website thinks you (the person) meant to make the request.
with requestpolicy, the default for any crosssite request is to deny it. users are notified when requests on the current page have been blocked (the status bar flag icon at the bottom right of your browser turns red). clicking on this status bar flag icon gives you a menu where you can view and modify which requests are blocked and allowed. you can whitelist requests you approve of by origin site, destination site, or specific origintodestination.
requestpolicy is compatible with firefox 3+, seamonkey 2.0, flock 2.0, songbird 1.0, and fennec 1.0. it works wherever these browsers do (linux, bsd, mac, windows, etc.).
Productivity Developer Tools Education and Reference Security Web Browsers
privacy-protection browser-extension analytics xss script-block browsing-security clickjacking cross-site-requests csrf