A user of a client device that is protected by a firewall may navigate to a website using a particular browser process (e.g., a window/tab of a browser) of the client device, sending a content request toward a web content server in the process. The firewall may intercept the content request, and may also receive information from the client device identifying which browser process initiated the content request. Before passing the content request to the appropriate web content server, the firewall may request and download a security policy from a security policy server. The security policy may notify the firewall which hosts are authorized/unauthorized for use with a particular domain, and which file types from each of these hosts are authorized/unauthorized for use with the particular domain. The firewall may then filter content related to the identified browser process based on the security policy.