Google's Browser Interception Plugin For Chrome

An anonymous reader writes "Google has released a passive in-the-browser reconnaissance plugin, called the 'DOM Snitch'. By intercepting JavaScript calls to the browser infrastructure, it detects common cross-site scripting, mixed content and insecure DOM changes. The plugin displays the DOM modifications in real time so developers don't have to pause the application to run an outside debugger. It exports traces for easier collaboration and analysis."

Re:Blah blah blah

[Shikaku]

Herp derp. I don't understand DOM debugging tools so I am gonna assume it is malicious.

Protip: if you're so concerned about Chrome(ium) having backdoors for Google, don't use it. There are many other browsers to choose from.

Hint: this is a service similar to what Noscript provides, except Noscript stops them while this feature highlights where it may be possible.

Interceptions...

[jkiller]

You can search for this semi-useful extension with keywords: "Brett Favre plug-in"

Only 18 comments?

[Qzukk]

Everyone who uses chrome probably did what I did and ran out to install the extension to see what happens on slashdot.

Answer: it breaks the fuck out of slashdot whether it's in active, passive, or standby mode, pretty much all of the 2.0ish stuff like replies and opening comments ceases to work (everything opens a new page).

Uninstalled it and now slashdot is back to the normal level of brokenness. Apparently whatever it does to "inject" all this stuff needs just a little more work to make sure it doesn't disturb the javascript that is already there.