Thesis Details

Impact of the Application of the Content-Security-Policy Header on Firefox Webextensions

Bachelor's Thesis Student: Inhliziian Bohdan Academic Year: 2019/2020 Supervisor: Polčák Libor, Ing., Ph.D.
Czech title
Testování vlivu aplikace hlavičky Content-Security-Policy na kód vložený rozšířeními prohlížeče Firefox
Language
English
Abstract

A four-year-old bug in official Firefox's Bugzilla reported that the Content-Security-Policy response header affects the behavior of browser extensions. The goal of this thesis is to test and analyze all of Firefox's extensions in the official extensions store to learn how many of them are affected by the bug. The work has four phases: download all extensions from the store, create usable web GUI, implement the testing application, execute tests, and evaluate the results. We show that the application of CSP header on a web site may influence about 10% of Firefox web extensions and 29% of extensions recommended by Firefox. The total number of users of all influenced recommended extensions is 11 650 730. Hopefully, this research highlights the problem and pushes Firefox developers to fix the bug.

Keywords

Browser extension testing, Firefox extensions, bug in Firefox, CSP header, extensions CSP error, CSP reports, Selenium extensions testing.

Department
Degree Programme
Information Technology
Files
Status
defended, grade D
Date
10 July 2020
Reviewer
Committee
Vojnar Tomáš, prof. Ing., Ph.D. (DITS FIT BUT), předseda
Kekely Lukáš, Ing., Ph.D. (DCSY FIT BUT), člen
Křivka Zbyněk, Ing., Ph.D. (DIFS FIT BUT), člen
Rogalewicz Adam, doc. Mgr., Ph.D. (DITS FIT BUT), člen
Španěl Michal, Ing., Ph.D. (DCGM FIT BUT), člen
Citation
INHLIZIIAN, Bohdan. Impact of the Application of the Content-Security-Policy Header on Firefox Webextensions. Brno, 2020. Bachelor's Thesis. Brno University of Technology, Faculty of Information Technology. 2020-07-10. Supervised by Polčák Libor. Available from: https://www.fit.vut.cz/study/thesis/22483/
BibTeX
@bachelorsthesis{FITBT22483,
    author = "Bohdan Inhliziian",
    type = "Bachelor's thesis",
    title = "Impact of the Application of the Content-Security-Policy Header on Firefox Webextensions",
    school = "Brno University of Technology, Faculty of Information Technology",
    year = 2020,
    location = "Brno, CZ",
    language = "english",
    url = "https://www.fit.vut.cz/study/thesis/22483/"
}
Back to top