No-CSRF
大小:9.58KiB版本:v 0.42更新时间:2021-12-21
Prevent cookies from being client-side sent cross-origin.
No-CSRF 的使用方法详解,最全面的教程
No-CSRF 描述:
用户数:249
分类:开发者工具插件
扩展大小:9.58 KiB
最后更新时间:2021-12-21
版本:v 0.42
No-CSRF 插件简介:
这是来自Chrome商店的 No-CSRF 浏览器插件,您可以在当前页面下载它的最新版本安装文件,并安装在Chrome、Edge等浏览器上。
No-CSRF插件下载方法/流程:
点击下载按钮,关注“扩展迷Extfans”公众号并获取验证码,在网页弹窗中输入验证码,即可下载最新安装文件。
No-CSRF插件安装教程/方法:
(1)将扩展迷上下载的安装包文件(.zip)解压为文件夹,其中类型为“crx”的文件就是接下来需要用到的安装文件
(2) 从设置->更多工具->扩展程序 打开扩展程序页面,或者地址栏输入 Chrome://extensions/ 按下回车打开扩展程序页面
(3) 打开扩展程序页面的“开发者模式”
(4) 将crx文件拖拽到扩展程序页面,
完成安装如有其它安装问题,
请扫描网站底部二维码与客服联系如有疑问请参考:
https://www.extfans.com/installation/Cross-Site Request Forgery is a major problem when it comes to browsing the web. If an attacker were to craft a request toward a server that performs an action, the request would contain any identifying cookies you have. As pointed out in academic literature, this can be used to empty bank accounts, change passwords, or anything in between.
This extension attempts to prevent Cross-Site Request Forgery by stripping cookies from any (non-GET) request that does not follow the same-origin policy. In this way, normal browsing remains uninterrupted while any possible CRSF attacks are blocked!
The extension is easily disabled and contains a small report of all requests which had cookies stripped.
This extension is open source and the source code is viewable at https://github.com/brandonio21/no-csrf
This extension is based on a similar extension by avlidienbrunn
