Method and system for blocking malicious third party site tagging

We claim: 1 . A method, implemented on a computing device having at least one processor, storage, and a communication platform connected to a network for blocking malicious third party site tagging using content security policy (CSP), the method comprising: receiving from a user, a request to access a web page; obtaining a page resource associated with the web page; adding one or more tags to the page resource; interpreting one or more tag sources corresponding to the one or more tags, respectively; constructing at least one content security policy based on the one or more tag sources; enforcing the at least one content security policy on the page resource; and presenting to the user, the web page in accordance with the enforced at least one content security policy. 2 . The method of claim 1 , further comprising: receiving an application to board the one or more tags on the web page; determining whether each of the one or more tag sources is a third party domain associated with the web page; if one tag source is the third party domain associated with the web page, generating a whitelisted source corresponding to the tag source; and storing the whitelisted source in a database. 3 . The method of claim 1 , further comprising: obtaining at least one succeeding tag from the one or more tags; determining whether the at least one succeeding tag complies with the at least one content security policy; and if the at least one succeeding tag complies with the at least one content security policy, obtaining at least one succeeding tag resource associated with the at least one succeeding tag. 4 . The method of claim 3 , further comprising: if the at least one succeeding tag does not comply with the at least one content security policy, blocking at least one succeeding tag source corresponding to the at least one succeeding tag; and generating a violation record including the at least one succeeding tag source, violated content security policy, and a preceding tag source. 5 . The method of claim 3 , further comprising: if the at least one succeeding tag does not comply with the at least one content security policy, obtaining at least one succeeding tag resource associated with the at least one succeeding tag; and generating a violation record including the at least one succeeding tag source, violated content security policy, and a preceding tag source. 6 . The method of claim 5 , further comprising: applying the at least one content security policy to one or more scenarios; evaluating the at least one succeeding tag in the one or more scenarios; determining whether the at least one content security policy performs consistently across the one or more scenarios; if the at least one content security policy performs consistently across the one or more scenarios, generating a whitelisted source corresponding to the at least one succeeding tag; and storing the whitelisted source in a database. 7 . The method of claim 1 , wherein the at least one content security policy defines the one or more tag sources as whitelisted sources from which the one or more tags and at least one succeeding tag are allowed to be boarded on the web page. 8 . A system having at least one processor storage, and a communication platform for blocking malicious third party site tagging using content security policy (CSP), the system comprising: a user interfacing module configured to receive from a user, a request to access a web page; a page retrieving module configured to obtain a page resource associated with the web page; a tag adding module configured to add one or more tags to the page resource; an interpreting module configured to interpret one or more tag sources corresponding to the one or more tags, respectively; a content security policy constructing module configured to construct at least one content security policy based on the one or more tag sources; an enforcing module configured to enforce the at least one content security policy on the page resource; and a presenting module configured to present to the user, the web page in accordance with the enforced at least one content security policy. 9 . The system of claim 8 , further comprising: a third party interfacing module configured to receive an application to board the one or more tags on the web page; a tag processing module configured to determine whether each of the one or more tag sources is a third party domain associated with the web page; and a source whitelist generating module configured to generate a whitelisted source corresponding to the tag source and store the whitelisted source in a database, if one tag source is the third party domain associated with the web page. 10 . The system of claim 8 , further comprising: a succeeding tag obtaining module configured to obtain at least one succeeding tag from the one or more tags; and a succeeding tag processing module configured to determine whether the at least one succeeding tag complies with the at least one content security policy; and if the at least one succeeding tag complies with the at least one content security policy, obtain at least one succeeding tag resource associated with the at least one succeeding tag. 11 . The system of claim 10 , wherein if the at least one succeeding tag does not comply with the at least one content security policy, the succeeding tag processing module is further configured to: block at least one succeeding tag source corresponding to the at least one succeeding tag; and generate a violation record including the at least one succeeding tag source, violated content security policy, and a preceding tag source. 12 . The system of claim 10 , wherein if the at least one succeeding tag does not comply with the at least one content security policy, the succeeding tag processing module is further configured to: obtain at least one succeeding tag resource associated with the at least one succeeding tag; and generate a violation record including the at least one succeeding tag source, violated content security policy, and a preceding tag source. 13 . The system of claim 12 , further comprising: a violation analyzing module configured to apply the at least one content security policy to one or more scenarios; and an evaluating module configured to evaluate the at least one succeeding tag in the one or more scenarios, wherein the succeeding tag processing module is further configured to determine whether the at least one content security policy performs consistently across the one or more scenarios; if the at least one content security policy performs consistently across the one or more scenarios, generate a whitelisted source corresponding to the at least one succeeding tag; and store the whitelisted source in a database. 14 . The system of claim 8 , wherein the at least one content security policy defines the one or more tag sources as whitelisted sources from which the one or more tags and at least one succeeding tag are allowed to be incorporated into the web page. 15 . A non-transitory machine-readable medium having information recorded thereon for blocking malicious third party site tagging using content security policy (CSP), wherein the information, when read by the machine, causes the machine to perform the following: receiving from a user, a request to access a web page; obtaining a page resource associated with the web page; adding one or more tags to the page resource; interpreting one or more tag sources corresponding to the one or more tags, respectively; constructing at least one