No-CSRF
Prevent cookies from being client-side sent cross-origin.
什么是No-CSRF?
No-CSRF是由brandonio21开发的Chrome扩展程序,该扩展的主要功能是“Prevent cookies from being client-side sent cross-origin.”。
扩展截图
下载No-CSRF扩展crx文件
下载No-CSRF扩展crx格式的文件,手动将Chrome插件安装到浏览器中,也可以将crx文件分享给朋友,轻松安装Chrome插件。
扩展使用说明
Cross-Site Request Forgery is a major problem when it comes to browsing the web. If an attacker were to craft a request toward a server that performs an action, the request would contain any identifying cookies you have. As pointed out in academic literature, this can be used to empty bank accounts, change passwords, or anything in between.
This extension attempts to prevent Cross-Site Request Forgery by stripping cookies from any (non-GET) request that does not follow the same-origin policy. In this way, normal browsing remains uninterrupted while any possible CRSF attacks are blocked!
The extension is easily disabled and contains a small report of all requests which had cookies stripped.
This extension is open source and the source code is viewable at https://github.com/brandonio21/no-csrf
This extension is based on a similar extension by avlidienbrunn 扩展基本信息
| 名称 |  No-CSRF |
| ID | amababajdpoioajiapncbkhcbpkncepk |
| 官方URL | https://chromewebstore.google.com/detail/no-csrf/amababajdpoioajiapncbkhcbpkncepk |
| 简介 | Prevent cookies from being client-side sent cross-origin. |
| 文件大小 | 9.58 KB |
| 安装次数 | 392 |
| 当前版本 | 0.42 |
| 更新时间 | 2016-07-05 |
| 上架时间 | 2016-07-04 |
| 评分 | 5.00/5 共1次评分 |
| 开发者 | brandonio21 |
| 电子邮箱 | [email protected] |
| 付费类型 | free |
| 扩展官网 | https://github.com/brandonio21/no-csrf |
| 帮助页面URL | https://github.com/brandonio21/no-csrf |
| 支持的语言 | en |
| manifest.json | |
{
"update_url": "https:\/\/clients2.google.com\/service\/update2\/crx",
"manifest_version": 2,
"name": "No-CSRF",
"version": "0.42",
"description": "Prevent cookies from being client-side sent cross-origin.",
"icons": {
"128": "badge.png"
},
"permissions": [
"webRequest",
"webRequestBlocking",
"tabs",
"webNavigation",
" | |
