No-CSRF

插件截图

插件概述

Prevent cookies from being client-side sent cross-origin.

插件详情

Cross-Site Request Forgery is a major problem when it comes to browsing the web. If an attacker were to craft a request toward a server that performs an action, the request would contain any identifying cookies you have. As pointed out in academic literature, this can be used to empty bank accounts, change passwords, or anything in between.

This extension attempts to prevent Cross-Site Request Forgery by stripping cookies from any (non-GET) request that does not follow the same-origin policy. In this way, normal browsing remains uninterrupted while any possible CRSF attacks are blocked!

The extension is easily disabled and contains a small report of all requests which had cookies stripped.

This extension is open source and the source code is viewable at https://github.com/brandonio21/no-csrf

This extension is based on a similar extension by avlidienbrunn

其他信息

官方唯一标识:amababaj****************bpkncepk

官方最后更新日期:2016年7月4日

分类:开发者工具

大小:8.82KiB

版本:0.42

语言:English

提供方:none

星级:5

插件下载

下载链接一     下载链接二

Chrome插件离线安装教程

温馨提示

本站中的部份内容来源网络和网友发布，纯属个人收集并供大家交流学习参考之用，版权归版权原作者所有。

如果您发现网站上有侵犯您的知识产权的作品，请与我们取得联系，我们会及时修改或删除。

如果您觉得网多鱼对您有帮助，欢迎收藏我们 Ctrl+D。