Google
An lura cewa a halin yanzu sama da kashi 90% na masu amfani da Chrome suna buɗewa ta hanyar amfani da HTTPS. Kasancewar abubuwan da aka ɗora ba tare da ɓoyewa ba yana haifar da barazanar tsaro ta hanyar gyara abubuwan da ba su da kariya idan akwai iko akan tashar sadarwa (misali, lokacin haɗawa ta hanyar buɗe Wi-Fi). An gano gaurayen abun ciki mai nuna rashin tasiri da yaudara ga mai amfani, saboda baya bayar da cikakkiyar kima na tsaron shafin.
A halin yanzu, mafi haɗari nau'ikan gauraye abun ciki, kamar rubutun da iframes, an riga an toshe su ta hanyar tsohuwa, amma ana iya sauke hotuna, fayilolin odiyo da bidiyo ta hanyar http://. Ta hanyar zurfafa hoto, maharin na iya musanya Kukis masu bin diddigin mai amfani, ko ƙoƙarin yin amfani da lahani a cikin masu sarrafa hoto, ko yin jabu ta hanyar maye gurbin bayanan da aka bayar a hoton.
Gabatarwar toshewa ya kasu kashi da yawa. Chrome 79, wanda aka tsara don 10 ga Disamba, zai ƙunshi sabon saiti wanda zai ba ku damar musaki toshewa ga takamaiman shafuka. Za a yi amfani da wannan saitin zuwa gauraya abun ciki wanda aka riga an toshe, kamar rubutun da iframes, kuma za a kira shi ta cikin menu wanda ya sauko ƙasa lokacin da ka danna alamar kulle, maye gurbin alamar da aka tsara a baya don kashe toshewa.
Chrome 80, wanda ake tsammanin ranar 4 ga Fabrairu, zai yi amfani da tsarin toshe mai laushi don fayilolin odiyo da bidiyo, yana nuna maye gurbin http: // hanyoyin haɗin kai tare da https: //, wanda zai adana aiki idan matsalar matsalar kuma ta hanyar HTTPS. . Hotuna za su ci gaba da lodi ba tare da canje-canje ba, amma idan an sauke ta http://, shafukan https:// za su nuna alamar haɗi mara tsaro ga dukan shafin. Don canzawa ta atomatik zuwa https ko toshe hotuna, masu haɓaka rukunin yanar gizon za su iya amfani da haɓaka kaddarorin CSP-buƙatun-marasa tsaro da toshe-duk-gauraye-abun ciki. Chrome 81, wanda aka shirya don Maris 17, zai gyara kai-tsaye http:// zuwa https:// don shigar da hotuna masu gauraya.
Bugu da kari, Google
Don kiyaye sirri, lokacin samun dama ga API na waje, kawai baiti biyu na farko na hash na shiga da kalmar wucewa ana watsa su (ana amfani da hashing algorithm.
source: budenet.ru