Google increases security for desktop Gmail with Content Security Policy support
Google today revealed a new feature for Gmail that should help to increase inbox security. Newly added support for Content Security Policy (CSP) keeps Gmail extensions in check to ensure that none are malicious or try to interfere with your Gmail session.
It's essentially server-side malware protection for Gmail extensions, and this is just the latest move from Google that aims to increase inbox security. Email security is of interest to everyone online, but it's something that is particularly important to business and enterprise users -- groups Google is keen to keep happy.
Content Security Policy serves as a means of intercepting unsafe code, stopping in its tracks before it has chance to cause any damage or gain access to personal information. Introducing the security feature, Google's Danesh Irani said:
Most popular (and well-behaved) extensions have already been updated to work with the CSP standard, but if you happen to have any trouble with an extension, try installing its latest version from your browser’s web store (for example, the Chrome Web Store for Chrome users).
CSP support has been added to the desktop version of Gmail; Google has not yet indicated if or when the same security feature will be made available to mobile users. Google recently added support for Security Key to Gmail, and has offered HTTPS access for a while now.