I-Free Software Foundation yethule iphrojekthi ye-JShelter, ethuthukisa isengezo sesiphequluli ukuze sivikeleke ezinsongweni eziphakama lapho kusetshenziswa i-JavaScript kumawebhusayithi, okuhlanganisa ukuhlonza okufihliwe, ukunyakaza kokulandelela kanye nokuqoqwa kwedatha yomsebenzisi. Ikhodi yephrojekthi isatshalaliswa ngaphansi kwelayisensi ye-GPLv3. Isengezo silungiselwe iFirefox, Google Chrome, Opera, Brave, Microsoft Edge nezinye iziphequluli ezisekelwe enjini yeChromium.
Lo msebenzi uthuthukiswa njengohlelo oluhlanganyelwe oluxhaswe yi-NLnet Foundation. U-Giorgio Maone, umdali wesengezo se-NoScript, kanye nabasunguli bephrojekthi ye-J++ kanye nababhali bezengezo ze-JS-Shield ne-JavaScript Restrictor, nabo bajoyine ukuthuthukiswa kwe-JShelter. Isengezo se-JavaScript Restrictor sisetshenziswa njengesisekelo sephrojekthi entsha.
I-JShelter ingacatshangwa njengohlobo lwe-firewall ye-JavaScript programming interfaces etholakala kumawebhusayithi nezinhlelo zokusebenza zewebhu. Isengezo sihlinzeka ngamaleveli amane okuvikela, kanye nemodi yokumisa eguquguqukayo yokufinyelela ku-API. Izinga lezinga livumela ngokuphelele ukufinyelela kuwo wonke ama-API, eyokuqala ihlanganisa ukuvinjwa okuncane okungaphazamisi ukusebenza kwamakhasi, ibhalansi yezinga lesibili phakathi kokuvinjwa nokuhambisana, kanti izinga lesine lihlanganisa ukuvinjwa okuqinile kwakho konke okungadingekile.
Izilungiselelo zokuvinjwa kwe-API zingaboshelwa kumasayithi ngamanye, isibonelo, ukuvikela kungaqiniswa kwamanye amasayithi, futhi kukhutshazwe kwamanye. Ungakwazi futhi ukuvimba izindlela ezithile ze-JavaScript, izinto, izakhiwo, nemisebenzi, noma ushintshe amanani okubuyisela (isibonelo, ukukhiqiza ulwazi olungamanga mayelana nesistimu). Isici esihlukile imodi ye-NBS (Network boundary shield), engavumeli amakhasi ukuthi asebenzise isiphequluli njengommeleli phakathi kwamanethiwekhi angaphandle nawasendaweni (zonke izicelo eziphumayo ziyabanjwa futhi ziyahlaziywa).
Ama-API avinjiwe noma akhawulelwe:
- window.Date, window.performance.now(), window.PerformanceEntry, Event.prototype.timeStamp, Gamepad.prototype.timestamp kanye VRFrameData.prototype.timestamp - isikhathi esiphumayo singasetshenziswa ukukhomba nokwenza ukuhlasela kwesiteshi eseceleni .
- I-HTMLCanvasElement (canvas.toDataURL(), canvas.toBlob(), CanvasRenderingContext2D.getImageData, OffscreenCanvas.convertToBlob()) - esetshenziselwa ukunquma izici zesistimu engaphansi yezithombe lapho kuhlonzwa umsebenzisi.
- I-AudioBuffer ne-AnalyserNode (AudioBuffer.getChannelData(), AudioBuffer.copyFromChannel(), AnalyserNode.getByteTimeDomainData(), AnalyserNode.getFloatTimeDomainData(), AnalyserNode.getByteFrequencyData(.) kanye ne-AnalyserNode yomsindo () kanye ne-AnalyserNode yomsindo.
- I-WebGLRenderingContext - ukuhlonza ngokuhlaziywa kwezici zesitaki sezithombe ne-GPU.
- MediaDevices.prototype.enumerateDevices - ukuhlonza ngokuthola amapharamitha namagama ekhamera nemakrofoni.
- navigator.deviceMemory, navigator.hardwareConcurrency - ukuthola ulwazi mayelana nehardware.
- I-XMLHttpRequest (XHR) - idlulisela ulwazi lwesistimu oluqoqiwe kuseva yangaphandle ngemva kokuba ikhasi selilayishiwe.
- I-ArrayBuffer - yenza ukuhlaselwa kwe-Specter ye-microarchitectural.
- WebWorker (window.Worker), SharedArrayBuffer (window.SharedArrayBuffer) - ukwenza ukuhlasela okuhlola ukubambezeleka lapho ufinyelela idatha.
- I-Geolocation API (navigator.geolocation) - ukufinyelela olwazini lwendawo (ukwengezwa kukuvumela ukuthi uhlanekezele idatha ebuyisiwe).
- I-Gamepad API (navigator.getGamepads()) ingenye yezimpawu zokuhlonza ezicabangela ubukhona be-gamepad ohlelweni.
- I-Virtual Reality API, I-Mixed Reality API - ukusetshenziswa kwamapharamitha wedivayisi yento engekho ngokoqobo ukuze kukhonjwe.
- window.name - ukuvuza kwezindawo eziphambene.
- navigator.sendBeacon - isetshenziselwa ukuhlaziya iwebhu.
Source: opennet.ru