Chrome Apes IE8, Adds Clickjacking, XSS Defenses 90
CWmike writes "Google has announced that it added several new security features to Chrome 4, including two security measures first popularized (some later shot down as having 'zero impact') by rival Microsoft's IE8 last year. The newest 'stable' build of Chrome includes five security additions that target Web developers who want to build more secure sites, said Adam Barth, a software engineer on the Chrome team. The two aped from IE include 'X-Frame-Options'" a security feature that helps sites defend against 'clickjacking' attacks, and cross-site scripting protection.'"In Google Chrome 4, we've added an experimental feature to help mitigate one form of XSS [cross-site scripting], reflective XSS,' Barth said. 'The XSS filter checks whether a script that's about to run on a Web page is also present in the request that fetched that Web page. If the script is present in the request, that's a strong indication that the Web server might have been tricked into reflecting the script.'"
Chrome Apes? Moronic Monkies? (Score:3, Funny)
Anyone else getting flashbacks from Planet of the Apes?
Is that the new code name for the next version of Chrome? Ubuntu Panhandling Panda, now featuring Chrome Apes! Download now! Steve Balmer your Monkey Boy days are numbered, so dance while you can, it's the year of the Google Desktop.
Re:Thanks (Score:3, Funny)
I read it as "Chrome Apes, IE8 Adds Clickjacking"...
Ads (Score:3, Funny)
If Chrome can't block ads it's not ready for the internet. It doesn't matter what else it does and doesn't do, blocking stupid flashing graphics is the main function of web browsers these days.
Re:Off topic: In regards to the facebook icon... (Score:3, Funny)
It's not like they are showing tweets with the comments...
Please don't give them any ideas!