RequestPolicy: Firefox extension for increased privacy and security
The Firefox extension I’ve been working on the past few months is now ready for general usage.
As I describe it on the requestpolicy.com website:
RequestPolicy is a Firefox extension that improves the privacy and security of your browsing by giving you control over when cross-site requests are allowed by webpages you visit.
The lack of user control over cross-site requests is a fundamental area that has been overlooked in browser security. We have great extensions like NoScript to give us control over the execution of scripts and objects in our browser, but cross site requests are still a major privacy and security problem that has been neglected. RequestPolicy provides a strong and secure default policy (blocking cross-site requests) and lets you whitelist cross-site requests as needed. As with extensions such as NoScript, within a week of using the extension, you won’t need to do much whitelisting.
The current version is 0.3.4. You can download it from requestpolicy.com or you can get it from the Mozilla addons site (addons.mozilla.org, a.k.a. AMO).
I just nominated it for public status at AMO a few days ago. It will probably be somewhere between a few weeks and a few months before it makes its way through the public nomination queue. In the mean time, downloading from AMO requires registering an account there, but you can download it from requestpolicy.com if you don’t have or want an AMO account.
It’s important to remember that this isn’t a replacement for NoScript. A truly secure Firefox installation will include both RequestPolicy and NoScript.
Let me know if you have any questions or suggestions, and especially if you discover any bugs!