| 关键词: Developers testers 安全 modifications application Security with 代码 用户 问题 |
Google今天发布了一个名为DOM Snitch的Chrome官方扩展,它可以让开发者和安全人士在浏览网站时自动识别出不安全的代码,这种扩展的灵感其实是来自于5周之前一家安全公司Mind Security在Firefox上的作品DOMinator,使用这种工具用户可以轻易发现例如XSS、数据泄漏等问题,并指出问题所在的代码段,帮助用户规避以及厂商发现后修补。 Real-time: Developers and testers can observe DOM modifications as they happen inside the browser without the need to step through JavaScript code with a debugger or pause the execution of their application. Easy to use: With built-in security heuristics and nested view, both advanced and less experienced developers and testers can quickly spot areas of the application being tested that need more attention. Easier collaboration: Enables developers and testers to easily export and share captured DOM modifications while troubleshooting an issue with their peers. |
|
声明:文章版权归原作者所有 部分文章转自互联网 如有侵权请联系
[邮箱地址] 删除
|