Gmail now supports Content Security Policy to prevent extensions from loading unsafe code


Google has made several strides to improve the safety and reliability of Gmail in the past year, such as serving images through secure proxy servers and requiring an encrypted HTTPS connection. Looking to continue to that trend, Google announced on Tuesday that it has improved the security of Gmail on the desktop by adding support for Content Security Policy (CSP).

CSP is designed to stop extensions that behave badly, load code that interferes with a Gmail session or contain malware that compromises your email security by preventing unsafe code from being loaded. Google claims that most popular extensions have already been updated to work properly with the CSP standard, and recommends that users upgrade any extensions that may be having issues.

Gmail is one of the more secure email services available, with Google having always encrypted emails using Transport Layer Security (TLS). Earlier this year, Google introduced an end-to-end encryption tool and encouraged other mail providers to add encryption for both sent and received emails. Additional security tips can be found through the Google Security Center.

FTC: We use income earning auto affiliate links

Recent Articles

Related Stories

Stay on op - Ge the daily news in your inbox