Giorgio Maone, mashruuc abuuray
Ku-darka loogu talagalay in lagu xannibo koodka JavaScript ee khatarta ah iyo kuwa aan la rabin, iyo sidoo kale noocyada kala duwan ee weerarrada (
Mid ka mid ah farqiga u dhexeeya nooca tijaabada ah ee NoScript ee Chrome waa curyaaminta shaandhada XSS ee loo isticmaalo in lagu xannibo qoraalka goobta iyo beddelka koodka JavaScript ee qolo saddexaad. Ilaa ay sifadani ka bilaabato oo ay socoto, isticmaalayaashu waa in ay ku tiirsanaadaan Chrome-ka ku dhex dhisan ee XSS Auditor, kaas oo aan waxtar u lahayn sida Hubiyaha Durida NoScript. Shaandheeyaha XSS weli lama xawili karo sababtoo ah waxay u baahan tahay habayn codsi isku mid ah si uu u shaqeeyo. Hal mar, markii loo guurayo WebExtension, horumarinta Mozilla waxay ku hirgeliyeen API-gan qaar ka mid ah sifooyinka horumarsan ee lagama maarmaanka u ah NoScript, sida maamulayaasha asynchronous, kuwaas oo Google aan weli u wareejin Chrome.
Source: opennet.ru