Comments (3)
A naive/ simple approach to this should be simply storing the request and matching all scripting to the original requests. Right?
from httpswitchboard.
This is what Chromium itself does. For an extension, I don't see how this is possible, as extensions can't block inline scripting (issue #35). I suppose the best option is to have webkit fix the code so this bypass doesn't work. I am trying to find out if there is a bug opened for this one particular case.
from httpswitchboard.
Chromium is best position to do this, and they already have XSSAuditor, they should fix whatever holes it has at that level.
from httpswitchboard.
Related Issues (20)
- Ads and content loaded from identical sources
- js/assets.js:435 (onRemoteFileError) HOT 12
- Privacy: Add Local storage management HOT 1
- CDN problem and possible Firefox port? HOT 4
- UI improvements? HOT 2
- Scoped Rule Storage HOT 5
- Allow set default rules for each specified domain/site scope HOT 3
- Feature Request: Blocking/Allowing of specific items
- Possible to block X-UIDH? HOT 1
- Adblock+ element hiding filters & Twitter hash tags HOT 1
- Causing crash at Chrome start-up with proxy settings HOT 2
- keybindings? HOT 2
- Sync with Google account
- HTTP switchboard is not showing up in the Google store HOT 3
- Prevent IP leaking HOT 4
- GUI disorganized on this page HOT 2
- Base 1st-party on certificate and/or WHOIS HOT 1
- Firefox port to WebExtension Framework? HOT 2
- Dropdown Selection Panel / GUI now displaying incorrectly
- Global scope problem
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from httpswitchboard.