About Site Map Submit Contact Us Log in | Create an account
Create an account Log In
Average Rating
User Rating:
Visitors Rating:
My rating:

Write review
  • License: Freeware
  • Last update: 6 years ago
  • Total downloads: 104
  • Price: Free |
  • Operating system: Linux
  • Publisher: Philippe De Ryck and Lieven Desmet
See full specifications

linux default iconCsFire for linux Publisher's description

Autonomously protects you against dangerous or malicious cross-domain requests

When a website makes requests to another site, all kinds of malicious effects can occur. For instance, the information included in the request can be used to track the sites you visit. The request can also trigger certain undesired actions, an attack which is called Cross-Site Request Forgery (CSRF).

CSRF is considered very dangerous, as indicated by its ranking in the OWASP top 10 and the CWE/SANS top 25. The problem with a CSRF attack is that it makes requests on behalf of the user, without his/her knowledge. For instance, if a site (e.g. example.com) makes hidden requests to another site (e.g. myonlinebank.com), it can potentially cause harmful effects (transfer funds, create accounts, ...).

CsFire is a Firefox extension that protects you against malicious cross-domain requests, by rendering them harmless. This means that CsFire will remove authentication information (cookies and authentication headers), which ensures that a cross-domain request can not have harmful or undesired side-effects.

CsFire provides a secure-by-default policy, which can be extended with fine-grained remote policies as well as fine-grained local policies. The remote policies are obtained from a policy server, to selectively allow certain harmless cross-domain requests (e.g. sharing items on facebook). The local policies allow you to specify certain cross-domain requests that should be treated differently, should you wish to do so (this is not required in normal surfing scenarios).

CsFire is the result of an academic research paper titled CsFire: Transparent client-side mitigation of malicious cross-domain requests, published at the International Symposium on Engineering Secure Software and Systems 2010. The paper discusses the research behind this implementation, as well as the technical details of CsFire.

What's New in This Release:

В· Fixed redirect detection in Firefox 4 (API change)
В· Added localization for user interface
В· Added detection of url-encoded GET parameters

System Requirements:

В· Mozilla Firefox
Program Release Status:
Program Install Support: Install and Uninstall

CsFire for linux Tags:

Click on a tag to find related softwares

Is CsFire for linux your software?

Manage your software

Most Popular

linux default icon Psiphon 2.5
At Psiphon we are committed to an open and accessible Internet.
linux default icon iPad forums 20101002
Only forums, only iPad
linux default icon Webalizer Xtended 2.23-05 RB29
Webalizer Xtended is a fork of Webalizer External link (a server log file analysis program)......
linux default icon JAWStats 0.7 Beta
A Free Web Site Statistics tool
linux default icon Phzilla (formerly PhProxy - InBasic) 3.5.1A
Allows you to open block pages automatically using web Proxy