Security

  • Revision slug: Security
  • Revision title: Security
  • Revision id: 61695
  • Created:
  • Creator: Jesse
  • Is current revision? No
  • Comment 1 words added, 1 words removed

Revision Content

Web security

Content Security Policy
An added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware.
Scripts and the Same Origin Policy
The same origin policy prevents a document or script loaded from one origin from getting or setting properties of a document from a different origin.
Securing your site
Tips and best practices for security your site and your users' data.

Finding browser vulnerabilities

Known Vulnerabilities and Fixes in Mozilla
Learn from our past mistakes.
Bug bounties
We appreciate the contributions of security researchers.
Debugging Mozilla with Valgrind
A memory debugger that can also track use of uninitialized memory.
Building Firefox with Address Sanitizer
A memory debugger that can also find non-heap errors.
Dehydra
Mozilla's framework for custom static analyses.
Clang Static Analysis
A static analysis tool to find common bugs in C-family languages.

View All...

Community

  • Forums
    • {{ Forum("dev-security", "mozilla.dev.security") }}
    • {{ Forum("dev-tech-crypto", "mozilla.dev.tech.crypto") }}

Related Topics

Developing Mozilla

{{ languages( { "es": "es/Seguridad", "fr": "fr/S\u00e9curit\u00e9", "ja": "ja/Security", "pl": "pl/Bezpiecze\u0144stwo", "pt": "pt/Seguran\u00e7a", "de": "de/Sicherheit" } ) }}

Revision Source

<table class="topicpage-table"> <tbody> <tr> <td> <h4 name="Documentation">Web security</h4> <dl> <dt><a href="/en/Security/CSP" title="en/Security/CSP">Content Security Policy</a></dt> <dd><small>An added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware.</small></dd> </dl> <dl> <dt><a class="internal" href="/en/Same_origin_policy_for_JavaScript" title="En/Same origin policy for JavaScript">Scripts and the Same Origin Policy</a></dt> <dd><small>The same origin policy prevents a document or script loaded from one origin from getting or setting properties of a document from a different origin.</small></dd> </dl> <dl> <dt><a href="/en/Security/Securing_your_site" title="en/Security/Securing your site">Securing your site</a></dt> <dd><small>Tips and best practices for security your site and your users' data.</small></dd> </dl> <h4>Finding browser vulnerabilities</h4> <dl> <dt><a class="external" href="http://www.mozilla.org/projects/security/known-vulnerabilities.html">Known Vulnerabilities and Fixes in Mozilla</a></dt> <dd><small>Learn from our past mistakes.</small></dd> <dt><a class="external" href="http://www.mozilla.org/security/bug-bounty.html" title="http://www.mozilla.org/security/bug-bounty.html">Bug bounties</a></dt> <dd>We appreciate the contributions of security researchers.</dd> <dt><a class="internal" href="/en/Debugging_Mozilla_with_Valgrind" title="en/Debugging Mozilla with valgrind">Debugging Mozilla with Valgrind</a></dt> <dd>A memory debugger that can also track use of uninitialized memory.</dd> <dt><a href="/en/Building_Firefox_with_Address_Sanitizer" title="Building Firefox with Address Sanitizer"><span class="internal">Building Firefox with Address Sanitizer</span></a></dt> <dd>A memory debugger that can also find non-heap errors.</dd> <dt><a href="/en/Dehydra" title="Dehydra">Dehydra</a></dt> <dd>Mozilla's framework for custom static analyses.</dd> <dt><a href="/en/Clang_Static_Analysis" title="Clang Static Analysis">Clang Static Analysis</a></dt> <dd>A static analysis tool to find common bugs in C-family languages.</dd> </dl> <p><span class="alllinks"><a href="/Special:Tags?tag=Security&amp;language=en" title="Special:Tags?tag=Security&amp;language=en">View All...</a></span></p> </td> <td> <h4 name="Community">Community</h4> <ul> <li>Forums <ul> <li>{{ Forum("dev-security", "mozilla.dev.security") }}</li> <li>{{ Forum("dev-tech-crypto", "mozilla.dev.tech.crypto") }}</li> </ul> </li> </ul> <ul> <li>IRC channels <ul> <li><a class="link-irc" href="irc://irc.mozilla.org/security" title="irc://irc.mozilla.org/security">#security</a> on irc.mozilla.org</li> <li><a class="link-irc" href="irc://irc.mozilla.org/fuzzing" title="irc://irc.mozilla.org/fuzzing">#fuzzing</a> on irc.mozilla.org</li> </ul> </li> <li>Blogs <ul> <li><a class="link-https" href="https://blog.mozilla.com/security/" title="https://blog.mozilla.com/security/">https://blog.mozilla.com/security/</a></li> </ul> </li> <li>Twitter <ul> <li><a class="link-https" href="https://twitter.com/#!/mozsec" title="https://twitter.com/#!/mozsec">@mozsec</a></li> </ul> </li> </ul> <h4 name="Related_Topics">Related Topics</h4> <dl> <dd><a href="/En/Developer_Guide" title="en/Developing_Mozilla">Developing Mozilla</a></dd> </dl> </td> </tr> </tbody>
</table>
<p>{{ languages( { "es": "es/Seguridad", "fr": "fr/S\u00e9curit\u00e9", "ja": "ja/Security", "pl": "pl/Bezpiecze\u0144stwo", "pt": "pt/Seguran\u00e7a", "de": "de/Sicherheit" } ) }}</p>
Revert to this revision