Changes

* Familiarize yourself with the problem by reading literature on XSS-Filters: ** Introduction of the Chrome/Webkit filter called XSS Auditor in "Regular expressions considered harmful in client-side XSS filters" ** Security vulnerabilities introduced though XSS filters in IE8: https://blog.c22.cc/2010/04/15/blackhat-europe-universal-xss-via-ie8s-xss-filters-2/ ** Bypassing XSS filters: (http://www.thespanner.co.uk/2015/02/10/xss-auditor-bypass/, http://brutelogic.com.br/blog/chrome-xss-bypass/)* Familiarize yourself with the state of the art of implementing an XSS filter: ** Browse the source code of NoScript, XSSAuditor in WebKit, or also the source of Internet Explorer (which can be inspected by looking into mshtml.dll) ** Compare approaches of these filters to answer questions like: where do their approaches overlap, which differences exist in their threat models, etc.* Prepare yourself for implementing a filter within Firefox: ** Outline the advantages and disadvantages of existing approaches Sketch out details for the actual implementation