W3C home > Mailing lists > Public > public-webappsec@w3.org > January 2014

Re: CSP Transition Tools

From: Ken Lee <kennysan@gmail.com>
Date: Sat, 18 Jan 2014 00:07:29 -0500
Message-ID: <CABnyH-Y8eE2=v5ycrW5bQSCLHgDhTxjiRQUdkRQvxwezHhxYKg@mail.gmail.com>
To: Frederik Braun <fbraun@mozilla.com>
Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>
haha, this is actually an interesting, funny coincidence. I gave this
guy (Nicolas Golubovic) an advanced copy of my proxy tool before he
wrote his thesis and briefly discussed the idea of externalizing
scripts with a proxy tool with him. Interesting to see that he's also
using mitmproxy to handle the interception of requests, and glad that
he turned his idea into a real thing!

On Wed, Jan 15, 2014 at 4:25 AM, Frederik Braun <fbraun@mozilla.com> wrote:
> There was a very good bachelor's thesis at the Ruhr University of
> Bochum, in which the author also wrote a reverse proxy that collects
> inline items and generates external files for them (using a learning & a
> production mode).
>
> The tool is available at https://github.com/qll/autoCSP, and I can
> surely find the thesis PDF if this is interesting enough and I start
> some additional digging ;)
>
Received on Saturday, 18 January 2014 05:08:17 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:04 UTC