Firefox View Dependencies
Randy was commenting on today's article about the use of several Firefox profiles and pointed out that he would love a list of the security add-ons that I'm using in my secure profile.
One of those is called View Dependencies. You have to understand that loading a website is not like downloading one file to your computer. A website can be broken into several files that are all downloaded separately.
It's mostly images and scripting files like stylesheets or JavaScript that get downloaded whenever you connect to a website in a browser.
Now for security purposes I want to know where the files are loaded from. Say I connect to my bank's website and take a look at the downloaded files only to see that some scripts are loaded from a server not located in the country. Should I be worried about that? Hell yeah I should. A rule of thumb is that files should only be downloaded from the website that is serving the files, at least when it comes to commercial or financial websites.
It does not really matter if a blog loads images from Flickr for example. It still could be that the server the files are loaded from belong to the same company but I would not take that risk. I would immediately call them and ask for an explanation and stop whatever I was doing.
The Firefox add-on adds a new tab into the Page Info window that is called Dependencies. What I really like is that you see with one glimpse if the files have been send by more than one server. It is furthermore possible to exactly see which files have been served by which server.
I know that several other applications do the same, Firebug for instance can do that to. Firebug however is a huge add-on and I prefer this cleaner smaller add-on for this purpose.
Update: Recent versions of Firefox ship with Developer Tools that provide you with similar information. Just press F12, switch to the Network tab and reload the page you are on. It displays a list of all files received during the connection including the originating domain.
Hubird really, where is the option to see all the files that have been requested from a page ?
Ad Block Plus can do the same thing and more (block ads and nasties)
Cool! It is tips like this that makes me log on to your site religiously.