This article was published on December 16, 2014

Gmail now supports Content Security Policy to reject malicious extensions


Gmail now supports Content Security Policy to reject malicious extensions

With Gmail being so universally popular, it’s no surprise there are some malicious pieces of software that try to interfere with the platform. To help prevent this from happening, Gmail is now adding support for Content Security Policy (CSP).

CSP is meant to stop malicious extensions from loading suspicious code that may mess with your Gmail session or jeopardize your email’s security. Google notes that this has happened with Chrome extensions in particular, and hence suggests you install the latest updates to your extensions on the Chrome Web Store to keep yourself safe.

Most of the popular extensions have been updated to work with CSP, according to the company. CSP is only available on the desktop version of Gmail at the moment, given the popularity of extensions for desktop browsers.

➤ Reject the unexpected – Content Security Policy in Gmail [Gmail Blog]

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with


Published
Back to top