
Security & Privacy Whitepaper (Overview), Chapter 9

Chapter 9 Web Security & Client Isolation

The web layer is the most exposed surface. This chapter defines the baseline web security posture for FileBolt: strict CSP and headers, no third-party scripts on sensitive pages, and defensive measures against injection and UI abuse.

9.1 Threats

  • XSS, DOM injection, supply-chain scripts, clickjacking, and UI redress attacks.
  • Prompt injection or UI tricking to make users reveal links or secrets.
  • Token theft via insecure storage or referrer leakage.

9.2 Page isolation

  • Sensitive pages (download/decrypt) SHOULD avoid third-party scripts and minimize dependencies.
  • Cross-origin isolation MAY be used when needed for performance/security features, but MUST remain compatible.
  • Pages SHOULD enforce strict referrer policies to avoid leaking URLs.

9.3 Injection defenses / UI abuse protection

  • All untrusted input MUST be escaped/sanitized before being inserted into the DOM.
  • Do not render untrusted HTML. Prefer text rendering and safe templating.
  • Where user-controlled names/metadata exist, enforce length and character restrictions.
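The three rules above (escape before insertion, never render untrusted HTML, restrict user-controlled names) are shown together in the following added example. It is illustrative code written for this chapter, not FileBolt's own front-end code; the 255-character limit, the ASCII allow-list and the function names are assumptions chosen for the example.

```javascript
// Added example (not FileBolt code): defensive handling of untrusted metadata
// before it reaches the DOM. Limits and names below are illustrative assumptions.

const MAX_NAME_LENGTH = 255; // assumed limit, not a value from the whitepaper
// Conservative allow-list: letters, digits, space, dot, dash, underscore, parentheses.
// Path separators, angle brackets, quotes and control characters are all rejected.
const ALLOWED_NAME = /^[A-Za-z0-9 ._()\-]+$/;

// Validate a user-controlled file name before it is stored or displayed.
// Returns { ok: true, value } or { ok: false, reason }.
function validateFileName(name) {
  if (typeof name !== 'string') return { ok: false, reason: 'not a string' };
  const trimmed = name.normalize('NFC').trim();
  if (trimmed.length === 0) return { ok: false, reason: 'empty' };
  if (trimmed.length > MAX_NAME_LENGTH) return { ok: false, reason: 'too long' };
  if (!ALLOWED_NAME.test(trimmed)) return { ok: false, reason: 'disallowed characters' };
  // '.' is allowed as a character, but a name that is only a path segment is not.
  if (trimmed === '.' || trimmed === '..') return { ok: false, reason: 'path segment' };
  return { ok: true, value: trimmed };
}

// Escape text for the case where it must be placed into an HTML template string
// (server-side or string-based templating). In the browser, prefer textContent.
function escapeHtml(text) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(text).replace(/[&<>"']/g, (c) => map[c]);
}

// Render untrusted text into a container without the browser parsing it as HTML.
// textContent stores the string as literal characters; innerHTML would parse it.
// `container` is any object with a textContent property (a DOM element in practice).
function renderUntrustedText(container, text) {
  container.textContent = text; // never: container.innerHTML = text
  return container.textContent;
}

// Stand-alone usage with a constructed stand-in for a DOM element.
const box = { textContent: '' };
const check = validateFileName('quarterly report (final).pdf');
if (check.ok) renderUntrustedText(box, check.value);
```

The validation step runs before rendering so that a rejected name never reaches the page at all; the escaping helper is only the fallback for templating paths where a DOM API such as textContent is not available.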

9.4 Security headers & browser policies

9.4.1 Recommended headers (illustrative)

  • Content-Security-Policy with restrictive script-src and appropriate connect-src.
  • Referrer-Policy: no-referrer or strict-origin-when-cross-origin depending on page requirements.
  • X-Content-Type-Options: nosniff, Permissions-Policy, and HSTS (see Chapter 5).
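As an added example covering both the page-isolation requirements of 9.2 (referrer policy, optional cross-origin isolation) and the header baseline of 9.4.1, the following builds a header set for a sensitive page and lints it against that baseline. This is example code written for this chapter, not FileBolt's configuration; the header names and directives are standard, but the concrete values (self-only script-src, the sample API origin, the `isolated` option, the HSTS lifetime) are assumptions.

```javascript
// Added example (not FileBolt code): build and lint security headers for a
// sensitive page. Concrete values are illustrative assumptions.

// Build headers for a page. `apiOrigin` is the only non-self origin the page may
// fetch from; `isolated` additionally enables cross-origin isolation (COOP/COEP).
function buildSecurityHeaders({ apiOrigin, isolated = false, referrer = 'no-referrer' }) {
  const csp = [
    "default-src 'none'",
    "script-src 'self'",          // no inline, eval or third-party scripts
    "style-src 'self'",
    "img-src 'self'",
    `connect-src 'self' ${apiOrigin}`,
    "frame-ancestors 'none'",     // clickjacking / UI redress
    "base-uri 'none'",
    "form-action 'self'",
    "object-src 'none'",
  ].join('; ');
  const headers = {
    'Content-Security-Policy': csp,
    'Referrer-Policy': referrer,
    'X-Content-Type-Options': 'nosniff',
    'Permissions-Policy': 'camera=(), microphone=(), geolocation=()',
    'Strict-Transport-Security': 'max-age=31536000; includeSubDomains', // assumed lifetime
  };
  if (isolated) {
    headers['Cross-Origin-Opener-Policy'] = 'same-origin';
    headers['Cross-Origin-Embedder-Policy'] = 'require-corp';
  }
  return headers;
}

// Parse a CSP string into { directive: [sources] }.
function parseCsp(csp) {
  const out = {};
  for (const part of csp.split(';')) {
    const tokens = part.trim().split(/\s+/).filter(Boolean);
    if (tokens.length === 0) continue;
    out[tokens[0]] = tokens.slice(1);
  }
  return out;
}

// Lint a header set against the chapter's baseline. Returns a list of findings;
// an empty list means the baseline is met.
function lintSecurityHeaders(headers) {
  const findings = [];
  const csp = headers['Content-Security-Policy'];
  if (!csp) {
    findings.push('missing Content-Security-Policy');
  } else {
    const d = parseCsp(csp);
    const script = d['script-src'] || d['default-src'] || [];
    if (script.includes("'unsafe-inline'") || script.includes("'unsafe-eval'")) {
      findings.push("script-src allows 'unsafe-inline' or 'unsafe-eval'");
    }
    if (script.includes('*') || script.some((s) => /^https?:$/.test(s))) {
      findings.push('script-src allows any origin');
    }
    const fa = d['frame-ancestors'] || [];
    if (!fa.includes("'none'") && !fa.includes("'self'")) {
      findings.push("frame-ancestors missing or too broad (clickjacking)");
    }
    if (!d['connect-src']) findings.push('connect-src not set');
  }
  const rp = headers['Referrer-Policy'];
  if (rp !== 'no-referrer' && rp !== 'strict-origin-when-cross-origin') {
    findings.push('Referrer-Policy missing or too permissive');
  }
  if (headers['X-Content-Type-Options'] !== 'nosniff') findings.push('X-Content-Type-Options: nosniff missing');
  if (!headers['Strict-Transport-Security']) findings.push('HSTS missing');
  const coop = headers['Cross-Origin-Opener-Policy'];
  const coep = headers['Cross-Origin-Embedder-Policy'];
  if ((coop && !coep) || (coep && !coop)) {
    findings.push('COOP and COEP must be set together for cross-origin isolation');
  }
  return findings;
}

// Stand-alone usage with a constructed API origin.
const exampleHeaders = buildSecurityHeaders({ apiOrigin: 'https://api.example.test', isolated: true });
console.log(lintSecurityHeaders(exampleHeaders)); // empty list when the baseline is met
```

The linter is the reusable part: run it in a deployment test against the headers an environment actually serves, so that a later change to the CSP (for example adding `'unsafe-inline'` to script-src, or a dropped Referrer-Policy) fails the build instead of reaching the download page.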

9.5 Verifiable evidence

  • Public links to third-party reports are aggregated on /status.
  • Evidence focuses on baseline web security posture (TLS, headers); protocol-level zero-knowledge claims are backed by design constraints and Claim IDs.