Google
Zvinocherechedzwa kuti parizvino anopfuura makumi mapfumbamwe muzana emasaiti anovhurwa nevashandisi veChrome vachishandisa HTTPS. Kuvapo kwekuiswa kwakaremerwa pasina encryption kunogadzira kutyisidzira kwekuchengetedza kuburikidza nekugadziriswa kwezvinhu zvisina kudzivirirwa kana paine kutonga pamusoro peiyo nzira yekutaurirana (semuenzaniso, kana uchibatanidza neyakavhurika Wi-Fi). Chiratidzo chemukati chakavhenganiswa chakawanikwa chisingabatsiri uye chinotsausa kumushandisi, sezvo chisingapi kuongororwa kwakajeka kwekuchengetedzwa kwepeji.
Parizvino, mhando dzine njodzi dzemukati dzakasanganiswa, senge zvinyorwa uye iframe, dzakatovharwa nekusingaperi, asi mifananidzo, maodhiyo mafaira uye mavhidhiyo anogona kudhawunirodha kuburikidza ne http://. Kuburikidza nemufananidzo spoofing, munhu anorwisa anogona kutsiva mushandisi wekutevera Cookies, edza kushandisa kusagadzikana mumagadzirirwo emifananidzo, kana kuita manyepo nekutsiva ruzivo rwakapihwa mumufananidzo.
Kuiswa kwekuvharira kwakakamurwa kuita nhanho dzinoverengeka. Chrome 79, yakarongerwa Zvita 10, ichange iine marongero matsva ayo achakubvumidza kudzima kuvharira kune chaiwo masaiti. Kuseta uku kuchaiswa kune zvakasanganiswa izvo zvakatovharwa, senge zvinyorwa uye iframes, uye ichadaidzwa kumusoro kuburikidza nemenu inodonha kana iwe uchidzvanya pane yekukiya chiratidzo, kutsiva iyo yakambotaurwa chiratidzo chekudzima kuvharika.
Chrome 80, inotarisirwa muna Kukadzi 4, ichashandisa yakapfava yekuvharira hurongwa hwemaodhiyo nemavhidhiyo mafaera, zvichireva kutsiva otomatiki kwe http: // zvinongedzo ne https://, izvo zvinochengetedza kushanda kana dambudziko rinowanikwa richiwanikwa kuburikidza neHTTPS. . Mifananidzo icharamba ichikwira pasina shanduko, asi kana yakadhawunirodha kuburikidza nehttp://, mapeji e https:// anoratidza chiratidzo chekubatanidza chisina kuchengetedzeka chepeji rese. Kuti uchinje otomatiki kuita https kana kuvharisa mifananidzo, vanogadzira saiti vanozokwanisa kushandisa CSP zvivakwa kusimudzira-insecure-zvikumbiro uye block-all-mixed-content. Chrome 81, yakarongerwa Kurume 17, ichagadzirisa otomatiki http:// ku https:// yemifananidzo yakasanganiswa yekuiswa.
Mukuwedzera, Google
Kuti uchengetedze zvakavanzika, kana uchiwana yekunze API, chete maviri ekutanga mabyte ehashi yelogin uye password anofambiswa (iyo hashing algorithm inoshandiswa.
Source: opennet.ru