U-Giorgio Maone, umdali wephrojekthi ye-NoScript, wethule ukukhishwa kokuqala kwesengezo sesiphequluli se-Chrome, esitholakalayo ukuze sihlolwe. Isakhiwo sihambisana nenguqulo 10.6.1 yeFirefox futhi senziwa ngenxa yokudluliselwa kwegatsha le-NoScript 10 kubuchwepheshe be-WebExtension. Ukukhishwa kwe-Chrome kusesimweni se-beta futhi kuyatholakala ukuze kulandwe kusuka kusitolo sewebhu se-Chrome. I-NoScript 11 ihlelelwe ukuthi ikhishwe ekupheleni kukaJuni, okuzoba ukukhishwa kokuqala okunokusekelwa okuzinzile kwe-Chrome/Chromium.
Isengezo esiklanyelwe ukuvimba ikhodi ye-JavaScript eyingozi nengadingeki, kanye nezinhlobo ezihlukahlukene zokuhlasela (i-XSS, i-DNS Rebinding, CSRF, Clickjacking), isetshenziswa njengengxenye ye-Tor Browser kanye nokusabalalisa okuningi okugxile kubumfihlo. Kuyaphawulwa ukuthi ukuvela kwenguqulo ye-Chrome kuyisigaba esibalulekile ekuthuthukisweni kwephrojekthi - isisekelo sekhodi manje sesihlanganisiwe futhi singasetshenziswa ukudala ukuhlangana kwakho kokubili i-Firefox neziphequluli ngokusekelwe enjini ye-Chromium.
Omunye umehluko enguqulweni yokuhlola ye-NoScript ye-Chrome ukukhutshazwa kwesihlungi se-XSS esisetshenziselwa ukuvimba ukubhalwa phansi kwezindawo ezihlukene nokufaka esikhundleni sekhodi ye-JavaScript yenkampani yangaphandle. Kuze kube yilapho lesi sici sisebenza futhi, abasebenzisi kuzodingeka bathembele ku-XSS Auditor eyakhelwe ngaphakathi ye-Chrome, engasebenzi njengesihloli sokujova se-NoScript. Isihlungi se-XSS asikwazi ukuthunyelwa okwamanje ngoba sidinga ukucutshungulwa kwesicelo okungavumelani ukuze sisebenze. Ngesinye isikhathi, lapho uthuthela ku-WebExtension, onjiniyela be-Mozilla basebenzise kule API izici ezithile ezithuthukisiwe ezidingekayo ku-NoScript, njengezibambi ezingavumelanisi, i-Google engakayidluliseli ku-Chrome.
Source: opennet.ru