NoScript Database
Posted: Wed Dec 17, 2014 6:20 am
I am attempting to create a system that my employer can use that will block traffic to non-whitelisted domains / IPs using user controlled whitelists and group whitelists. The system uses Squid to allow for browser compatibility. A custom error page redirects a browser's request to an Apache PHP MySQL server, which then allows the user to enter whitelist information (for themselves and for groups they have write permissions to).
I've run into a problem in building this system: whitelisting the domain in the URL is obviously not sufficient for modern day usage, as there are many other connections made to other domains. I haven't even begun to consider how to handle cross site scripting.
I am posting this here because I recognize that the NoScript developers will have a lot of experience with whitelisting domains, and what is involved. Do you have any suggestions on how to proceed? Should I consider starting a new "project"?
I've run into a problem in building this system: whitelisting the domain in the URL is obviously not sufficient for modern day usage, as there are many other connections made to other domains. I haven't even begun to consider how to handle cross site scripting.
I am posting this here because I recognize that the NoScript developers will have a lot of experience with whitelisting domains, and what is involved. Do you have any suggestions on how to proceed? Should I consider starting a new "project"?