Chrome zai kare kan canja wurin wasu ɓangarorin da ke ɓoye da kuma gano ɓoyayyen

Google Chrome

Google Chrome

Google ya sanar da gabatar da canje-canje nan gaba zuwa Chrome, da nufin inganta sirrin mutane. Na farko wani ɓangare na canje-canje yana nufin sarrafa kukis da goyan bayan halayen SameSite.

Farawa tare da fitowar nau'ikan Chrome na 76 (ana tsammanin a watan Yuli),  alamar "iri-iri-ta-tsoho-kukis" za a kunna cewa, idan babu halayen SameSite a cikin taken Set-Cookie, ƙimar "SameSite = Lax" za a saita ta tsohuwa, wanda ke iyakance aikawar kukis.

Don shigar da shafin yanar gizo na ɓangare na uku (amma har yanzu rukunin yanar gizon zasu iya cire ƙuntatawa, a bayyane ta hanyar saita SameSite = Babu lokacin saita sawu).

Hali SameSite yana ba da damar gidan yanar gizo (chrome) bayyana ma'anar inda sauya karɓa ke karɓa lokacin da buƙata ta fito daga rukunin ɓangare na uku.

A halin yanzu, mai binciken yana aika Cookies zuwa kowane buƙata zuwa ga shafin da aka saita cookies ɗin, koda kuwa an fara buɗe wani rukunin yanar gizo kuma ana yin kiran a kaikaice ta hanyar sauke hoto ko ta amfani da iframe.

Game da SameSite

Cibiyoyin sadarwar talla suna amfani da wannan fasalin don waƙa motsi masu amfani tsakanin shafuka da masu kai hari don shirya hare-haren CSRF(Lokacin da aka buɗe hanyar da maharan ke sarrafawa, ana ɓoye buƙata daga shafukanta zuwa wani shafin inda mai amfani na yanzu ya tabbata, kuma mai bincike na mai amfani ya saita kukis na zaman don wannan buƙatar.)

A gefe guda, ana iya amfani da ikon aika kukis zuwa rukunin yanar gizo na ɓangare na uku don saka widget a kan shafuka, alal misali, don haɗa kai da YouTube ko Facebook.

Ta amfani da sifa iri ɗaya na SameSite, zaku iya sarrafa halayyar lokacin saita kukis kuma ba da izinin aikawa da kukis kawai don amsa buƙatun da aka fara daga shafin da aka samo asali daga waɗannan cookies ɗin.

SameSite na iya ɗaukar ƙimomi uku "Mai tsauri", "Lax" da "Babu".

A cikin yanayi mai tsauri ("Mai tsananin")Ba a aika da kukis don kowane nau'in buƙatun rukunin giciye, gami da duk hanyoyin shigowa daga shafuka na waje.

A cikin yanayi "Lax": An sanya takunkumi mai laushi kuma an katange canja wurin kuki kawai don buƙatun giciye kamar buƙatar hoto ko zazzage abun ciki ta hanyar iframe.

Bambanci tsakanin "" Tsanani "da" Lax "ya sauko don toshe kukis lokacin da aka bi hanyar haɗi.

Sauran canje-canje

Daga cikin sauran canje-canje masu zuwa da ake tsammani don nau'ikan Chrome na gaba, an tsara shi ne don amfani da ƙayyadadden ƙayyadadden abin da ya hana sarrafa kukis na ɓangare na uku don buƙatu ba tare da HTTPS ba (tare da sifar SameSite = Babu, kukis kawai za'a iya saita su cikin Yanayin lafiya).

Bugu da kari, ana shirin yin aiki don kare kariya daga amfani da zanan yatsan burauzar, gami da hanyoyin samarda masu ganowa ta hanyar bayanan kai tsaye kamar na allo, jerin nau'ikan MIME masu goyan baya, takamaiman sigogi a cikin rubutun kai (HTTP / 2 da HTTPS), bincike na plugins da shigar fonts.

Hakanan akwai wadatar wasu APIs na yanar gizo, Takaddun aikin takamaiman katin bidiyo ta amfani da WebGL da Canvas, magudi na CSS, nazarin linzamin kwamfuta da halayen keyboard.

Bugu da kari, Chrome zai sami kariya daga lcin zarafi hade da wahalar dawowa shafi na asali bayan sauya sheka zuwa wani shafin (kyakkyawan aiwatarwa, akan shafukan da suke tura ka tsakanin shafuka).

Muna magana ne game da aikin saturating tarihin jujjuyawar tare da jerin turawa na atomatik ko kuma ta hanyar kara kayan shigar da abubuwa cikin tarihin bincike (ta hanyar turaState), sakamakon haka ne mai amfani ba zai iya amfani da maballin «Baya» don dawowa ba. asalin shafin bayan miƙa mulki ko kuma tura shi da aka yi izuwa shafin zamba.

Don kariya daga irin wannan magudi, Chrome a cikin maɓallin maɓallin baya zai tsallake rajistan ayyukan haɗi da tura ta atomatik kuma ziyarci maganan tarihi, yana barin shafuka kawai a buɗe tare da ayyukan mai amfani a bayyane.

Source: https://blog.chromium.org/


Sharhi, bar naka

Bar tsokaci

Your email address ba za a buga. Bukata filayen suna alama da *

*

*

  1. Wanda ke da alhakin bayanan: Miguel Ángel Gatón
  2. Manufar bayanan: Sarrafa SPAM, sarrafa sharhi.
  3. Halacci: Yarda da yarda
  4. Sadarwar bayanan: Ba za a sanar da wasu bayanan ga wasu kamfanoni ba sai ta hanyar wajibcin doka.
  5. Ajiye bayanai: Bayanin yanar gizo wanda Occentus Networks (EU) suka dauki nauyi
  6. Hakkoki: A kowane lokaci zaka iyakance, dawo da share bayanan ka.

  1.   Pablo m

    Kuma daidai yadda aka saita kuki?