Last week Mozilla’s security program manager, Brandon Sterne, posted an update to Mozilla’s plan for its Content Security Policy (CSP).  The news has gotten positive attention in the press and has resulted in more than 10 articles since the post.

The Register’s Dan Goodin comments on CSP’s potential. He says, “Still, CSP is worth watching – and if you’re a web developer, even playing around with. If it works as intended, it could prove to be one of the more promising solutions for a Web 2.0 world that’s built first and is only later, if ever, patched.”

Johnathan Nightingale spoke with ComputerWorld’s Gregg Keizer. Gregg notes, “‘This isn’t a single trick that’s meant to counter a single kind of attack,’ said Johnathan Nightingale, the manager of the Firefox front-end development team. ‘This helps sites solve cross-site scripting, but it’s more than that. They now have a way to shut everything dynamic off, so that no matter what content gets added to a site, if it’s on the page and they’ve sent us policy instructions in its header, we shut it down.’”

Additional coverage highlights include: Threatpost, Security Focus, PC Magazine, ITChuiko, The Inquirer,  InternetNews, InformationWeek, The H and Beta News