No-CSRF Chrome 插件, crx 扩展下载

 收录于6年前 阅读数 73

扩展ID: amababajdpoioajiapncbkhcbpkncepk

Prevent cookies from being client-side sent cross-origin.Cross-Site Request Forgery is a major problem when it comes to browsing the web. If an attacker were to craft a request toward a server that performs an action, the request would contain any identifying cookies you have. As pointed out in academic literature, this can be used to empty bank accounts, change passwords, or anything in between.

This extension attempts to prevent Cross-Site Request Forgery by stripping cookies from any (non-GET) request that does not follow the same-origin policy. In this way, normal browsing remains uninterrupted while any possible CRSF attacks are blocked!

The extension is easily disabled and contains a small report of all requests which had cookies stripped. 

This extension is open source and the source code is viewable at https://github.com/brandonio21/no-csrf

This extension is based on a similar extension by avlidienbrunn
名称 No-CSRF
插件标识 amababajdpoioajiapncbkhcbpkncepk
平台 Chrome
评分 0
评分人数 1
插件主页

作者 brandonio21
版本号 0.42
大小 8.82 KB
官网下载次数 193
分类 查看更多 web开发 分类下的扩展插件
下载地址
更新时间 2016-07-04 00:00:00
举报
回复

大家在找这些插件

相关搜索词