Google Chrome gets XSS protection

From the ‘Rad Security Features‘ files:

Cross Site Scripting (XSS) is one of the most common types of web attacks. Yet for Windows, Mac and Linux users there is no type of desktop protection for XSS issues that could affect any OS.

That’s why browser security, like the type that Google is baking into Chrome is so important.

“Basically, the filter checks each script before it executes to see whether the script appears in the request that generated the page,” Google developer Adam Barth wrote in a mailing list posting. ‘If it finds a match, it blocks the script from executing.  We’re planning to write up an academic paper that has all the details.”

It’s an idea that makes a whole lot of sense to me. But there is still some work that needs to be done.

News Around the Web