Isandiso sesiphequluli se-NoScript, inguqulo 11.2.18, sikhishwe. Sivimba ikhodi ye-JavaScript eyingozi nengadingeki, kanye nezinhlobo ezahlukene zokuhlaselwa (i-XSS, i-DNS Rebinding, i-CSRF, i-Clickjacking). Inguqulo entsha ilungisa inkinga ebangelwe ushintsho ekuphathweni kwe-URL yefayela:// enjinini ye-Chromium. Le nkinga ivimbele amawebhusayithi amaningi (i-Gmail, i-Facebook, njll.) ukuthi avuleke ngemva kokubuyekezwa kunguqulo 11.2.16 ezinguqulweni ezintsha zeziphequluli ezisekelwe ku-Chromium (i-Chrome, i-Brave, ne-Vivaldi).
Inkinga idalwe izinguqulo ezintsha ze-Chromium ezivimbela ukufinyelela kwesandiso ku-URL "yefayela:///" ngokuzenzakalela. Inkinga ayizange inakwe ngoba ibonakale kuphela lapho kufakwa i-NoScript evela kukhathalogi yezengezo zeSitolo se-Chrome. Ukufaka ingobo yomlando ye-zip kusuka ku-GitHub ngemenyu ethi "Layisha okungapakishiwe" (chrome://extensions > Imodi kanjiniyela) ayibangeli inkinga, njengoba ukufinyelela kufayela:/// i-URL akuvinjiwe kumodi yonjiniyela. Ukunika amandla isilungiselelo esithi "Vumela ukufinyelela kuma-URL efayela" kuzilungiselelo zezengezo kusebenza njengendlela yokusombulula.
Isimo sabhebhetheka yiqiniso lokuthi ngemva kokuba i-NoScript 11.2.16 ishicilelwe ku-Chrome Web Store, umbhali uzame ukukhansela ukukhululwa, okuholele ekutheni lonke ikhasi lephrojekthi linyamalale. Isikhathi esithile, abasebenzisi abakwazanga ukubuyela emuva enguqulweni yangaphambilini futhi baphoqeleka ukuthi bakhubaze isengezo. Ikhasi leSitolo Sewebhu Se-Chrome manje selibuyiselwe, futhi inkinga isixazululiwe ekukhishweni kwe-11.2.18. Ukuze ugweme ukubambezeleka ekubuyekezweni kwekhodi, Isitolo Sewebhu Se-Chrome sinqume ukuhlehlela emuva enguqulweni yangaphambilini futhi sishicilele ukukhishwa okungu-11.2.17, okufanayo nenguqulo 11.2.11 esibuyekeziwe.
Source: opennet.ru
