Vulnerability in Adblock Plus that allows code execution when questionable filters are used

A vulnerability has been identified in the Adblock Plus ad blocker that allows JavaScript code to be executed in the context of websites when filters prepared by attackers are in use (for example, when a third-party rule set is connected, or when rules are substituted during a MITM attack).

Authors of filter lists can arrange for their code to run in the context of sites the user opens by adding rules with the "rewrite" operator, which allows part of a URL to be replaced. The rewrite operator does not allow the host in the URL to be replaced, but it does allow the request arguments to be manipulated freely. Only text may be used as the replacement mask, and substitution of script, object and subdocument tags is blocked.

Nevertheless, code execution can be achieved in a roundabout way. Some sites, including Google Maps, Gmail and Google Images, use a technique of loading blocks of JavaScript that are transmitted as plain text. If the server permits request redirection, the request can be forwarded to another host by changing URL parameters (for example, in the context of Google, a redirect can be made through the "google.com/search" API). Besides hosts that permit redirects, the attack can also be carried out against services that allow user content to be published (code hosting, article publishing platforms, and so on).

The proposed attack method affects only pages that load strings of JavaScript code (for example, via XMLHttpRequest or Fetch) and then execute them. Another important limitation is the need to use a redirect or to place arbitrary data on the origin server that serves the resource. However, to demonstrate the relevance of the attack, it is shown how to arrange execution of one's own code when maps.google.com is opened, using a redirect through "google.com/search".

A fix is being prepared. The problem also affects the AdBlock and uBlock blockers. The uBlock Origin blocker is not affected, since it does not support the "rewrite" operator. At one time the author of uBlock Origin declined to add support for rewrite, citing potential security problems and insufficient host-level restrictions (a query-stripping option was proposed instead of rewrite, to clean out query parameters rather than replace them).

The Adblock Plus developers consider real attacks unlikely, since all changes to the standard rule lists are reviewed, and connecting third-party lists is rare among users. Rule substitution via MITM is prevented by the default use of HTTPS for downloading the standard block lists (for other lists, a future release is planned to prohibit downloading over HTTP). On the site side, CSP (Content Security Policy) directives can be used to block the attack, by specifying the hosts from which external resources may be loaded.
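A user-side check that follows from the two risks described above (rules carrying the rewrite operator, and lists fetched over plain HTTP) is to audit a list before subscribing to it. The sketch below is an added example, not code from Adblock Plus or from the original article; it assumes the operator is written as a `$rewrite=` filter option, and the function name `auditFilterList`, the sample rules and the example URLs are constructed for illustration.

```javascript
// CONSTRUCTED sample list; domains and rules are illustrative only.
const SAMPLE_LIST = [
  "[Adblock Plus 2.0]",
  "! Title: constructed sample list",
  "||ads.example.com^$script,third-party",
  "example.org##.banner",
  "/^https?:\\/\\/cdn\\.example\\.net\\/loader/$rewrite=/other?x=1,domain=example.net",
  "||tracker.example^$xmlhttprequest,rewrite=/empty",
  "@@||example.com/rewrite=ok.js",
].join("\n");

// "$" followed by zero or more well-formed options, then "rewrite=".
// Anchoring on the option list avoids flagging "rewrite=" inside a URL path.
const REWRITE_OPTION = /\$(?:~?[\w-]+(?:=[^,]*)?,)*rewrite=/i;
// Element-hiding style rules ("##", "#@#", "#?#", "#$#") carry no request options.
const COSMETIC_RULE = /#[@?$]?#/;

// Hypothetical helper: returns one finding per risky rule, plus one for the
// list URL itself when it is served over plain HTTP (open to MITM substitution).
function auditFilterList(text, sourceUrl) {
  const findings = [];
  if (/^http:\/\//i.test(sourceUrl)) {
    findings.push({ line: 0, issue: "insecure-transport", rule: sourceUrl });
  }
  text.split(/\r?\n/).forEach((raw, i) => {
    const rule = raw.trim();
    // Skip blanks, comments ("!") and the "[Adblock ...]" header line.
    if (!rule || rule.startsWith("!") || rule.startsWith("[")) return;
    if (COSMETIC_RULE.test(rule)) return;
    if (REWRITE_OPTION.test(rule)) {
      findings.push({ line: i + 1, issue: "rewrite-option", rule });
    }
  });
  return findings;
}

console.log(auditFilterList(SAMPLE_LIST, "http://lists.example/list.txt"));
```

A list that produces any `rewrite-option` finding deserves manual review of each flagged rule before it is enabled.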

source: budenet.ru
