A cikin Adblock Plus ad blocker
Marubutan jeri tare da saitin tacewa na iya tsara aiwatar da lambar su a cikin mahallin rukunin yanar gizon da mai amfani ya buɗe ta hanyar ƙara dokoki tare da mai aiki "
Duk da haka, ana iya samun aiwatar da code a cikin wani aiki.
Wasu rukunin yanar gizon, gami da Google Maps, Gmail, da Hotunan Google, suna amfani da dabarar loda manyan tubalan JavaScript, waɗanda ake watsa su cikin sigar rubutu. Idan uwar garken ya ba da izinin sake jujjuya buƙatun, to ana iya isarwa zuwa wani mai masaukin baki ta hanyar canza sigogin URL (misali, a cikin mahallin Google, ana iya yin turawa ta hanyar API "
Hanyar kai hari da aka tsara tana shafar kawai shafukan da ke loda kirtani na lambar JavaScript (misali, ta hanyar XMLHttpRequest ko Fetch) sannan a aiwatar da su. Wani muhimmin iyakancewa shine buƙatar amfani da turawa ko sanya bayanan sabani a gefen asalin uwar garken da ke ba da albarkatun. Koyaya, don nuna dacewar harin, ana nuna yadda ake tsara aiwatar da lambar ku yayin buɗe maps.google.com, ta amfani da turawa ta hanyar “google.com/search”.
Gyaran yana cikin shiri. Matsalar kuma tana shafar blockers
Masu haɓakawa na Adblock Plus suna ɗaukar haƙiƙanin harin da ba zai yuwu ba, tunda duk canje-canje ga daidaitattun lissafin dokoki ana duba su, kuma haɗa lissafin ɓangare na uku yana da wuya a tsakanin masu amfani. Ana hana musanya dokoki ta MITM ta hanyar tsoho amfani da HTTPS don zazzage daidaitattun lissafin toshe (don wasu jerin sunayen an tsara shi don hana saukewa ta HTTP a cikin sakin gaba). Ana iya amfani da umarni don toshe hari a gefen rukunin yanar gizon
source: budenet.ru