webext-signed-pages
webext-signed-pages copied to clipboard
tasn
A browser extension to verify the authenticity (PGP signature) of web pages
This will make the signatures much smaller, and easier for people to set up, as minisign is dead simple. Reference: https://github.com/jedisct1/minisign
Maybe helps for https://github.com/tasn/webext-signed-pages/issues/17 **Untested**!
- Should be backwards compatible - Uped version to 0.5.0 - Moves from comment to a meta tag inside head - Allows multiple signatures - Allows for a non-minimized signature...
At the moment we ask users to manually add the pattern and the publickey. It'd be much better to just let them paste a link to a json config file...
I already mentioned this in another issue, but here again. You can use "require-sri" in the CSP to instruct recent browser to load stuff only with sri. (Or was it...
When following the HTML comment syntax correctly `--` is not allowed in the comments. At least Firefox complains about this when viewing the site in the source code mode. So...
BTW why do you need that at all? Can't you just take the DOM content literally and that's it?
Currently the system takes the raw content and runs it through a Minimizer to create a canonical form before using it for signature creation or verification . This makes the...
Your not very low aim is to provide the same security to web versions of software, as for native desktop apps. Okay, you verify the integrity (and to some extend...
If there is a signature error, can you somehow show a popup? Or safely inject a popup into the website? (Safely, so that the website cannot remove it.) Or maybe...