Giorgio Maone, mahaliccin aikin
Ƙarar da aka ƙera don toshe lambar JavaScript mai haɗari da maras so, da nau'ikan hare-hare iri-iri (
Ɗaya daga cikin bambance-bambance a cikin nau'in gwajin NoScript don Chrome shine kashe tace XSS da aka yi amfani da shi don toshe rubutun rukunin yanar gizo da musanya lambar JavaScript ta ɓangare na uku. Har sai wannan fasalin ya ƙare kuma yana aiki, masu amfani za su dogara da ginanniyar XSS Auditor na Chrome, wanda ba shi da tasiri kamar Mai duba Injection na NoScript. Ba za a iya fitar da tacewar XSS ba tukuna saboda tana buƙatar sarrafa buƙatun asynchronous don yin aiki. A wani lokaci, lokacin ƙaura zuwa WebExtension, masu haɓaka Mozilla sun aiwatar da su a cikin wannan API wasu abubuwan ci gaba waɗanda suka wajaba don NoScript, kamar masu sarrafa asynchronous, waɗanda Google bai riga ya canza shi zuwa Chrome ba.
source: budenet.ru