Marka laga hadlayo Google si ay u midayso waxa ku jira HTTP User-Agent head, horumariyaha browserka Kiwi ilaa "X-Client-Data" madaxa HTTP ee ku haray Chrome, kaas oo suurtagal ah Xeerka Ilaalinta Xogta Guud ee ka dhaqan galaya Midowga Yurub (). Inta lagu jiro Labadan ficil ee Google ayaa sidoo kale la dhaleeceeyay, taas oo dhinaca kale ah si loo joojiyo aqoonsiga qarsoon iyo dabagalka ficilada isticmaalaha, laakiin dhanka kale, kuma degdegsana in taageerada madaxa X-Client-Data laga saaro Chrome, kaas oo loo isticmaali karo in lagu aqoonsado tusaaleyaal browser ah marka la gelayo adeegyada Google.
Madaxa X-Client-Data ma aha hawlkarnimo qarsoon oo dhaqankeedu waa dukumeentiyada. Iyadoo loo marayo X-Client-Data, Google wuxuu helayaa xogta dhaqdhaqaaqa sifooyinka tijaabada ah ee Chrome-ka ee la xidhiidha goobtiisa (tusaale ahaan, inta lagu jiro tijaabada, Google wuxuu kicin karaa sifooyinka tijaabada qaarkood ee Youtube haddii ay taageeraan browserka ama isku dayaan inay sameeyaan. isku xidha mashaakilaadka firfircoonida hawlaha tijaabada ah).
Madaxa kaliya codsiyada goobaha Google ee u dhigma waji-xidhaha "*.doubleclick.net", "*.googlesyndication.com", "www.googleadservices.com", "*.google.<>"iyo"*.youtube.", oo lagu soo diro HTTPS. Habka qarsoodiga ah, madaxa laguma darin, laakiin haddii isticmaalaha boggiisa Google ee la xaqiijiyay uu isku beddelo astaanta martida ama marka hawlgalka nadiifinta xogta la yiraahdo, madaxa dib looma dajin oo wuxuu ku sii socdaa in lagu soo diro isla qiimaha.
Madaxa waxa lagu sheegay in aanu ku jirin macluumaad shakhsi ahaan lagu aqoonsan karo oo waxa uu kaliya qeexayaa heerka rakibaadda Chrome-ka iyo sifooyinka tijaabada firfircoon. Haddii isticmaalka biraawsarka telemetry iyo warbixinta shilalka ay naafo ka yihiin goobaha, soo saarista saldhigga X-Client-Data qiimaha madaxa waxa uu isticmaalaa 13 bits ee entropy (8000 oo kala duwan oo isku dhafan), taas oo aan ku filnayn aqoonsiga.
Marka la eego in madaxdu ay sidoo kale dejiso qaar ka mid ah nidaamyada nidaamka iyo xuduudaha, ugu dambeyntii waxa ku jira X-Client-Data waxay ku habboon yihiin ilo dheeraad ah oo xog ah oo loogu talagalay aqoonsiga isticmaalaha aan tooska ahayn muddo gaaban gudaheed (awoodda tijaabada ah waa la oggol yahay oo waa la dhimay waqti ka dib, taasoo horseedda isbeddel xilliyeedka qiimaha ee X-Client-Data).
Si kastaba ha noqotee, marka lagu daro entropy bilowga ah, marka la soo saarayo qiimaha X-Client-Data, waxaa sidoo kale jira taxane abuur oo ay soo celiyeen server-yada Google waxayna kuxirantahay dalka, ciwaanka IP-ga iyo shuruudaha kale ee Google u arko inay muhiim tahay (tusaale, ma jiraan wax ka hortagaya. aad ka soo celinayso isku xigxig weyn oo random , kaas oo noqon doona aqoonsiga saxda ah).
Intaa waxaa dheer, hubinta isticmaalka waji-xidhka Google-ka marka la dirayo X-Client-Data kama saarayso xaaladaha uu qofka wax weeraraya iska diiwaangelin karo domain sida "youtube.xn--55qx5d" oo uu bilaabo ururinta aqoonsiyada.
Source: opennet.ru