No-CSRF
Prevent cookies from being client-side sent cross-origin.
什麼是No-CSRF?
No-CSRF是由brandonio21開發的Chrome擴展程式,該擴展的主要功能是“Prevent cookies from being client-side sent cross-origin.”。
擴展截圖
下載No-CSRF擴展crx文件
下載No-CSRF擴展crx格式的文件,手動將Chrome擴充功能安裝到瀏覽器中,也可以將crx文件分享給朋友,輕鬆安裝Chrome擴充功能。
擴展使用說明
Cross-Site Request Forgery is a major problem when it comes to browsing the web. If an attacker were to craft a request toward a server that performs an action, the request would contain any identifying cookies you have. As pointed out in academic literature, this can be used to empty bank accounts, change passwords, or anything in between.
This extension attempts to prevent Cross-Site Request Forgery by stripping cookies from any (non-GET) request that does not follow the same-origin policy. In this way, normal browsing remains uninterrupted while any possible CRSF attacks are blocked!
The extension is easily disabled and contains a small report of all requests which had cookies stripped.
This extension is open source and the source code is viewable at https://github.com/brandonio21/no-csrf
This extension is based on a similar extension by avlidienbrunn 擴展基本資訊
| 名稱 |  No-CSRF |
| ID | amababajdpoioajiapncbkhcbpkncepk |
| 官方網址 | https://chromewebstore.google.com/detail/no-csrf/amababajdpoioajiapncbkhcbpkncepk |
| 簡介 | Prevent cookies from being client-side sent cross-origin. |
| 檔案大小 | 9.58 KB |
| 安裝次數 | 392 |
| 目前版本 | 0.42 |
| 更新時間 | 2016-07-05 |
| 上架時間 | 2016-07-04 |
| 評分 | 5.00/5 共 1 次評分 |
| 開發者 | brandonio21 |
| 電子郵箱 | [email protected] |
| 付費類型 | free |
| 擴展官網 | https://github.com/brandonio21/no-csrf |
| 說明頁面URL | https://github.com/brandonio21/no-csrf |
| 支援的語言 | en |
| manifest.json | |
{
"update_url": "https:\/\/clients2.google.com\/service\/update2\/crx",
"manifest_version": 2,
"name": "No-CSRF",
"version": "0.42",
"description": "Prevent cookies from being client-side sent cross-origin.",
"icons": {
"128": "badge.png"
},
"permissions": [
"webRequest",
"webRequestBlocking",
"tabs",
"webNavigation",
" | |
