Wirtschaftsuniversität Wien Magisterarbeit - SemanticLab
Wirtschaftsuniversität Wien Magisterarbeit - SemanticLab
Wirtschaftsuniversität Wien Magisterarbeit - SemanticLab
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Speaking of information it has to be mentioned that it sometimes can be hard to<br />
find the correct information in terms of deprecated- or up-to-date information. With<br />
hindsight one of the most useful resources for this project was the source code of Firefox<br />
itself as it is - in this regards - the best documented source of information found on<br />
the web. Mozilla also provides a tool which interested developers can use to search the<br />
source code at http://mxr.mozilla.org/firefox.<br />
6.2. Initial situation<br />
As already mentioned, the aim of the applied part of this thesis is to enhance and up-port<br />
an outdated P3P extension for Firefox to create a basis for the open source community<br />
to further enhance it. The outdated P3P extension for Firefox is called “Privacyfox”<br />
and was originally developed by Fahd Arshad [Ars04] whereas the new, enhanced version<br />
which was developed by the author of this thesis and is called “Webprivacy”. Privacyfox<br />
and the issues which were encountered during the transition from Privacyfox to<br />
Webprivacy will be described in this section.<br />
6.2.1. Compatibility<br />
Privacyfox was developed in 2004 and there has not been a new release since 2005.<br />
Therefore, the extension does not work with current versions of Firefox anymore. This<br />
is due to several reasons, mainly they are security related:<br />
• Privacyfox tries to open a new tab and to write directly into it. This insecure<br />
behaviour is not allowed anymore in Firefox 3.<br />
• Privacyfox writes its debugging messages into a tab, not to the error console provided<br />
by Firefox.<br />
• Privacyfox loads external P3P policies directly from the Internet into the browser<br />
which is also not allowed anymore in Firefox 3.<br />
In addition to that, Privacyfox has some limitations when it comes to P3P 1.1 compliance.<br />
The most crucial ones are:<br />
• The “Test”-element is not validated.<br />
58<br />
• No support of multiple policies in one file.<br />
• The “Expiry”-element is not checked upon.<br />
• Lacking support of three mechanisms to locate policy reference files: Privacyfox<br />
only checks for a policy reference file in the well-known location, not in an HTML<br />
link-tag, XHTML link-tag or in the HTTP header.<br />
• Privacyfox does not check cookies, images or other external content on P3P compact<br />
policies.<br />
• Privacyfox does not check the privacy policy of websites before the website is<br />
actually loaded into the browser window.