ProHoster > Блог > labaran intanet > Google ya ba da hujjar taƙaita buƙatar API ɗin yanar gizo da masu toshe talla ke amfani da shi

Google ya ba da hujjar taƙaita buƙatar API ɗin yanar gizo da masu toshe talla ke amfani da shi

Masu haɓaka Chrome browser gwada barata dakatar da goyan bayan yanayin toshe aiki na API ɗin yanar gizo, wanda ke ba ku damar canza abun ciki da aka karɓa akan tashi kuma ana amfani da shi sosai a cikin add-ons don toshe talla,
kariya daga malware, phishing, leken asiri akan ayyukan mai amfani, kulawar iyaye da keɓantawa.

Dalilan Google:

  • Yanayin toshe API Neman yanar gizo yana kaiwa ga yawan amfani da albarkatu.
    Lokacin amfani da wannan API ɗin, mai binciken yana fara aika ƙara akan duk bayanan da ke cikin buƙatun hanyar sadarwa, ƙari yana bincikar shi kuma ya dawo da sigar da aka gyara don ƙarin aiki a cikin mai binciken ko kuma ba da umarnin toshewa. A wannan yanayin, babban jinkiri ba ya tashi a matakin sarrafa zirga-zirga ta hanyar ƙarawa, amma saboda yawan kuɗin da ake kashewa na daidaitawa da aiwatar da add-on. Musamman ma, irin wannan magudi yana buƙatar ƙaddamar da wani tsari daban don dacewa, da kuma yin amfani da IPC don yin hulɗa tare da wannan tsari da hanyoyin tattara bayanai;

  • Ƙarar gaba ɗaya tana sarrafa duk zirga-zirga a ƙaramin matakin, wanda ke buɗe ɗimbin dama don cin zarafi da keta sirrin sirri. Dangane da kididdigar Google, kashi 42% na duk abubuwan da aka gano qeta sun yi amfani da API ɗin neman yanar gizo. An lura cewa kowane wata, ana toshe yunƙurin sanya matsakaita na 1800 miyagu add-ons a cikin kasidar Shagon Yanar Gizon Chrome. Abin baƙin ciki, bita baya ƙyale mu mu kama duk add-ons masu ƙeta ba tare da togiya ba, don haka don haɓaka kariya, an yanke shawarar iyakance add-ons a matakin API. Babban ra'ayin shine don samar da add-ons tare da samun dama ga duk zirga-zirga, amma kawai ga bayanan da ya wajaba don aiwatar da aikin da aka yi niyya. Musamman, don toshe abun ciki, ba lallai ba ne don ba da ƙarin damar shiga duk bayanan mai amfani na sirri;
  • API ɗin sanarwar da aka gabatar Buƙatar NetRequest yana kula da duk aikin tace abun ciki mai girma kuma yana buƙatar ƙari kawai don ɗaukar ƙa'idodin tacewa. Add-on ba zai iya tsoma baki tare da zirga-zirga ba kuma bayanan sirri na mai amfani ya kasance ba a taɓa shi ba;
  • Google yayi la'akari da yawa daga cikin maganganun game da rashin aikin declarativeNetRequest API kuma ya faɗaɗa iyaka kan adadin ƙa'idodin tacewa daga farkon da aka ba da shawarar 30 dubu kowane tsawo zuwa matsakaicin duniya na 150, sannan kuma ya kara da ikon yin ƙarfi. canza da ƙara dokoki, cirewa da maye gurbin masu buga HTTP (Referer, Cookie, Set-Cookie) da buƙatar sigogi;
  • Ga kamfanoni, yana yiwuwa a yi amfani da yanayin toshe aiki na API ɗin yanar gizo, tun da manufar yin amfani da add-ons an ƙaddara ta mai gudanarwa wanda ya fahimci fasalin kayan aikin kuma yana sane da haɗari. Misali, ana iya amfani da ƙayyadadden API a cikin kamfanoni don yin rikodin zirga-zirgar zirga-zirgar ma'aikata da haɗawa da tsarin ciki;
  • Manufar Google ba shine ta lalata ko murkushe tallan da ke toshe add-ons ba, amma don ba da damar ƙirƙirar mafi aminci kuma mafi ƙarfi blockers;
  • Rashin son barin yanayin toshewa na API ɗin yanar gizo tare da sabon shelaNetRequest an bayyana shi ta hanyar sha'awar iyakance damar ƙarawa zuwa bayanan sirri. Idan ka bar API ɗin neman yanar gizo kamar yadda yake, yawancin addons ba za su yi amfani da mafi amintaccen shela NetRequest ba, tunda lokacin zabar tsakanin tsaro da ayyuka, yawancin masu haɓakawa za su zaɓi ayyuka.

Rashin amincewa masu haɓakawa kari:

  • Add-on Developers gwaje-gwaje nuna wani tasiri mai mahimmanci ga ayyukan talla na toshe add-ons (a lokacin gwaji, an kwatanta ayyukan add-ons daban-daban, amma ba tare da la'akari da ƙarin ƙarin tsari wanda ke daidaita aiwatar da aiwatar da masu sarrafa a cikin yanayin toshewa ba. API ɗin neman yanar gizo);
  • Ba shi da amfani don dakatar da goyan bayan API ɗin da ake amfani da shi sosai a cikin abubuwan ƙarawa. Maimakon cire shi, za ka iya ƙara izini daban kuma ka kula da daidaitaccen amfani da shi a cikin add-ons, wanda zai ceci marubutan shahararrun add-ons daga sake yin aikin su gaba ɗaya kuma su guje wa yanke ayyuka;
  • Don rage yawan kuɗin da ake kashewa, ba za ku iya share API ɗin ba, amma ku sake yin shi bisa tsarin Alƙawari, kama da aiwatar da buƙatar yanar gizo a Firefox;
  • Zaɓin da aka gabatar, declarativeNetRequest, baya rufe duk buƙatun masu haɓakawa don toshe talla da tsaro / sirri, tunda baya ba da cikakken iko akan buƙatun hanyar sadarwa, baya ƙyale amfani da algorithms tacewa na al'ada, kuma baya yarda. yin amfani da ƙayyadaddun ƙa'idodi waɗanda ke haɗuwa da juna dangane da yanayin;
  • Tare da halin yanzu na declarativeNetRequest API, ba shi yiwuwa a sake ƙirƙirar ayyukan da ake da su na uBlock Origin da uMatrix add-ons ba su canza ba, kuma yana ƙara haɓaka tashar tashar NoScript don Chrome mara ma'ana;
  • Damuwa game da keɓantawa ya yi nisa, tunda karanta-kawai, yanayin rashin toshewa na gidan yanar gizoRequest API an bar shi a wurin kuma har yanzu yana ba da damar ƙara ƙararrawa don sarrafa duk zirga-zirga, amma baya ba da ikon tsoma baki tare da shi akan tashi (canja abun ciki, sanya tallan ku, gudanar da masu hakar ma'adinai da kuma nazarin abubuwan da ke cikin fom ɗin shigarwa za a iya amfani da su bayan an gama loda shafin);
  • Masu haɓaka Browser Marasa Tsoro, Opera и Vivaldi, wanda aka gina akan injin Chromium, sun yi niyyar barin goyan baya ga yanayin toshewar neman yanar gizo a cikin samfuran su.

source: budenet.ru

Add a comment