How To Turn Chrome or Firefox Into A Single-Site Browser - gHacks Tech News

How To Turn Chrome or Firefox Into A Single-Site Browser

A Single-Site browser serves a very specific purpose. You use it to access one, and sometimes a handful, of websites and services on the Internet. This can be financial sites, your email accounts or other sites with personal information like a medical related sites. The basic idea is to block access to all other sites to protect the account and information from certain attack forms like cross site scripting or clickjacking.

All connections are blocked except to those sites that you have explicitly allowed. This means that third party scripts won't be loaded if they originate on a non-whitelisted domain, and that you won't be able to open third party sites manually in the browser.

This guide demonstrates how to turn Firefox and Google Chrome into a single-site browser. Inspiration has been taken from Vasa's post over at the Wilders Security Forum.

Google Chrome

Google Chrome users can make use of the --host-rules parameter to block all domain connections except the ones they whitelist. The general parameter looks like this:

--host-rules="MAP * 127.0.0.1, EXCLUDE *.ghacks.net"

This redirects all connection attempts to localhost, except for connections to the ghacks.net site or one of its subdomains.

You can also add multiple inclusions in the following way:

--host-rules="MAP * 127.0.0.1, EXCLUDE *.ghacks.net","MAP * 127.0.0.1, EXCLUDE *.microsoft.com"

Windows users can add the parameter to Chrome in the following way:

  • Locate a Chrome shortcut in the Start Menu, Taskbar or Desktop
  • Right-click the shortcut and select Properties
  • Append the parameter to the end of the Target listing, with a space in between.
  • Click Ok to apply the settings.

google chrome single-site browser

You could alternatively create a second shortcut to use it for accessing your important sites, and keep the general shortcut for all other sites that you visit in the browser.

Firefox

Mozilla Firefox users need to install the SimpleBlock extension for their browser first. They then need to create a SimpleBlock.ini file in the user profile folder and add a regular expression to it to allow access to certain sites.

R: https?://(?!(My.bank.com|Second.site.com|Third.site.com))

This would allow access to the three domains mentioned above, and block all other connection attempts.

It is probably best to create a new user profile for this. You can use an add-on like Switchy or the new Firefox profile manager application.

Closing Words

It is best to create new profiles or shortcuts to work with Single-Site browsers. Security add-ons like NoScript can mitigate the issues if they are configured properly.





  • We need your help

    Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

    We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.

    If you like our content, and would like to help, please consider making a contribution:

    Comments

    1. Robert Palmar said on February 15, 2012 at 6:02 pm
      Reply

      An interesting approach to create a single site browser.

      Personally, I use portable versions of browsers just for this purpose.
      For example, I use SRWare Iron to access Google Voice and only that site.

      1. Martin Brinkmann said on February 15, 2012 at 6:25 pm
        Reply

        Which would leave you vulnerable if someone managed to post an exploit on that site.

        1. Robert Palmar said on February 15, 2012 at 6:49 pm
          Reply

          Yes, but what is the likelihood of that?
          And one could protect a portable browser
          in a similar manner if one did feel vulnerable?

        2. Martin Brinkmann said on February 15, 2012 at 6:55 pm
          Reply

          Yes you are right. The likelihood is slim and you could protect the browser in a similar manner.

    2. Robert said on February 16, 2012 at 10:34 pm
      Reply

      >This means that third party scripts won’t be loaded if they originate on a non-whitelisted domain

      Or Firefox users could just use the noscript plugin. Much easier interface than SimpleBlock IMHO.

    3. Petko said on May 7, 2017 at 9:56 pm
      Reply

      You can add multiple inclusions in the following (shorter) way:

      –host-rules=”MAP * 127.0.0.1, EXCLUDE *.ghacks.net, EXCLUDE *.microsoft.com”

      There is no need to retype the “MAP * 127.0.0.1” part.

    4. Anonymous said on November 14, 2017 at 12:53 am
      Reply

      did not work for me A message pops up each time
      the name is specify box –host-rules=”MAP * 127.0.0.1, EXCLUDE *.ghacks.net, EXCLUDE *.microsoft.com”is invalid

    Leave a Reply