Google has released DOM Snitch, an experimental extension for its Chrome browser that enables developers to scan Web applications and flag code that could be exploited by malware attacks. Google has built DOM Snitch to target potential security holes in the client-side code of Web applications that could be vulnerable to attacks, such as client-side scripting.
"To do this, we have adopted several approaches to intercepting JavaScript calls to key and potentially dangerous browser infrastructure, such as document.write or HTMLElement.innerHTML," says Google's Radoslav Vasilev.
Developers do not have to pause DOM Snitch to run a debugging tool because it displays document object model modifications in real time. The free tool also enables developers to export reports to others involved in developing and refining the application. Code testers and security researchers also could make good use of DOM Snitch.
From IDG News Service
View Full Article
Abstracts Copyright © 2011 Information Inc. , Bethesda, Maryland, USA
No entries found