CSS Exfil Protection 作者： Mike Gualtieri

4.8 / 5 星

50 条评价

评分 5 / 5
来自 f789987f， 6 年前
评分 5 / 5
来自 Firefox 用户 14852166， 6 年前
评分 4 / 5
来自 Firefox 用户 14850664， 6 年前
评分 5 / 5
来自 Firefox 用户 14157356， 6 年前
评分 5 / 5
来自 Firefox 用户 13215575， 6 年前
评分 5 / 5
来自 eriador， 6 年前
评分 5 / 5
来自 ashmedai， 6 年前
评分 5 / 5
来自 alekksander， 6 年前
评分 5 / 5
来自 Firefox 用户 14678799， 6 年前
评分 5 / 5
来自 craigevil， 6 年前
评分 5 / 5
来自 Aly， 6 年前
评分 4 / 5
来自 Firefox 用户 14613566， 6 年前
评分 5 / 5
来自 Marco Santos， 6 年前
Thank you.
评分 5 / 5
来自 Firefox 用户 14559273， 6 年前
评分 4 / 5
来自 Firefox 用户 14416076， 6 年前
Is there a way to disable this on certain domains? It breaks certain sites styling (4chan.org/g/).
开发者回应
发布于 6 年前
Not at the moment, but it's planned. I checked 4chan and styling works OK in Chrome, but not Firefox so there must be something specific in Firefox that's causing an issue. I'll look into why this may be happening.

Edit 11/19/2018: FYI - A new version of the plugin has been released today (1.0.10) that should fix the issue you were experiencing.
评分 5 / 5
来自 pedz， 6 年前
评分 5 / 5
来自 NN， 7 年前
评分 4 / 5
来自 jawz101， 7 年前
Have you considered submitting something to the Firefox bug tracker to see if something can be resolved in the browser itself?
开发者回应
发布于 7 年前
I did not, but maybe I should. I've thought about reaching out to a project like Brave that includes privacy protections in the default configuration. Either way, I would want to review the Firefox source first and determine how such an implementation would be handled. There are advantages to including such protections within the browser itself; but, the negative is that it breaks compatibility with the CSS specification standard. The flaw isn't necessarily within the browser, but in CSS itself.
评分 5 / 5
来自 Firefox 用户 12654054， 7 年前
Much thanks for writing this add-on!
评分 5 / 5
来自 MrDontCare， 7 年前
评分 5 / 5
来自 Langoliers， 7 年前
I had no idea this was an issue until reading about it recently. Thanks so much for this extension, appears to be working based on the test page. Hopefully I'll never find a website compromised and using CSS in this manner, however, at least I will have a number sign to show how many and also protection against it.

Thanks for that!

Also, I haven't found the compiled version for Chrome, is it on the chrome store? My friend uses chrome, thanks.
开发者回应
发布于 7 年前
Thanks for the review! You should be able to find it on the Chrome store by searching 'CSS Exfil Protection'. I also have a direct link from the vulnerability tester page: https://www.mike-gualtieri.com/css-exfil-vulnerability-tester
评分 4 / 5
来自 Firefox 用户 13262486， 7 年前
Thanks for this. But when I disable JS on a website having this addon makes the website send 2 requests for each css request - one as CSS and tries to send one as a XHR request (even though JS is disabled for the website). Why is this?
评分 4 / 5
来自 Firefox 用户 12793954， 7 年前
Hello, could you make it enable/disable on icon click instead of opening the popup?
开发者回应
发布于 7 年前
Thanks for the suggestion! I plan to add a few new features into the popup area so for the time being I need to keep the icon click for opening the popup. If you need to disable the plugin because it's not working on a site, please let me know what site is causing problems and I'll get a fix out asap!
评分 5 / 5
来自 Firefox 用户 13587401， 7 年前
评分 5 / 5
来自 Donald Reed， 7 年前
Thanks for this interesting project! Unfortunately it causes issues on some sites so it would be nice to have a whitelist per site instead of disabling it everywhere.
开发者回应
发布于 7 年前
Thanks for the comment and review! A whitelist is a great idea I'll work into a future release. In the meantime, could you leave a comment on my website with the site(s) that are causing issue? I'd like to see if this is due to a bug / false positive, or if it is legitimately blocking styles which would cause issue.

开发者回应

开发者回应

开发者回应

开发者回应

开发者回应