网站能告诉Firefox浏览器安装了哪些插件? [英] Can websites tell what addons are installed in a Firefox web browser?
问题描述
使用网站时,网站可以告诉网页浏览器安装了哪些插件?如果是这样,是否有可能隐藏,或随机的名称/身份证明?
附加组件/ / h2>
通常情况下,否:
网页无法确定安装的附加组件的一般列表Firefox浏览器/配置文件。
但是,您可能很有可能根据附加组件具有的效果,很有可能检测到特定的附加组件关于环境,DOM,以及可能的脚本的操作。这些影响是严格的附加在附加的基础。
URI资源泄漏: DOM /计算的样式更改: 全局范围的更改 检测特定的插件: 没有100%保证任何检测是一个确切的附加: 您的问题的文本与您的问题的标题提出了截然不同的问题。 插件是一个 type它提供了共享库,用户可以安装这些共享库来显示浏览器本身不能显示的内容。这些是非常具体的,旨在提供可用于网页的功能。您肯定可以检测到浏览器中可用的插件。您可以使用 When using a website, can a website tell which plugins are installed in a web browser? If so, is it possible to hide that, or randomize the name/identification? In general, no: However, you may be able to detect with a high probability that a specific add-on is installed based on the effects that add-on has on the environment, DOM, and, potentially, the operation of your scripts. What those effects are is strictly on an add-on by add-on basis. URI resource leakage: DOM/computed style changes: Changes to global scope: Detecting a specific add-on: Not 100% guaranteed any detection is an exact add-on: The text of your question asks a distinctly different question from the title of your question. Plugins are one type of add-on which provide "shared libraries that users can install to display content that the browser can't display natively." These are, very specifically, intended to provide functionality which is available to webpages. You definately can detect what plugins are available in the browser. You can do so using 这篇关于网站能告诉Firefox浏览器安装了哪些插件?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
正如 the8472 的回答状态,一些附加组件可能会对环境造成的影响之一是泄漏可通过网络访问的URI。您可以测试通过特定附件泄露/提供的信息的有效性。一些可能的URI包括: about:, moz-extension:和资源:。与测试互联网上存在哪些网页一样,可能的URI的组合是巨大的,使得无法详尽搜索是不合理的。对于某些特定的扩展,您可以测试确切已知的资源。
您可以测试DOM的变化或应用的CSS。如果您知道特定插件对DOM(插入,删除等)或特定元素的计算样式的影响,则可以明确测试这些影响。您也可以通常测试您不希望看到的更改。虽然通常对意外的更改进行测试可能会告诉您,附加组件可能会影响您的页面,但不知道已知附件所做的特定预期更改,并且可以将实际更改与预期更改进行比较,您不会能够说出哪些附件执行了这样的更改。
您也可以测试对您的环境所做的更改。加载项可能会阻止您所期望的资源加载,对这些资源进行更改,或者添加/注入其他资源/属性/变量/函数。您可以测试以查看是否有任何新的,丢失或更改的属性。与DOM / CSS更改一样,如果您知道加载项对环境的影响,则只能声明它可能是特定的附加组件。与DOM更改一样,您可以对每个浏览器(和版本)中期望看到的内容进行一般比较。再次,这可以告诉你有什么改变,但没有比较已知的变化,你将无法说这是一个特定的插件(或只是一个新版本的Firefox)。
您必须确定您的页面可以检测到哪些特定插件具有哪些效果。这可以通过实验和/或查看插件的源代码来确定。对于绝大多数附加组件,附加组件主要是用JavaScript编写的。它的源代码位于安装包中(通常是一个 .xpi 文件,它是一个zip格式的文件,其扩展名改为 .xpi
您将只知道发生了一些变化。您可能能够识别出您所期望的特定附加组件所做的更改,但这并不意味着这些更改不是由另一个附件组成的。在这种情况下,这种变化很可能是您尝试识别的插件,但并不是100%的保证。
插件
window.navigator .plugins ,它提供了插件对象描述插件的插件已安装。Add-ons/extensions in general
A web page can not determine a general list of add-ons which are installed in the Firefox browser/profile.
As the8472's answer states, one of the effects on the environment which some add-ons may have is leaking web-accessible URIs. You can test for the validity of those which you know are leaked/made available by specific add-ons. Some of the possible URIs include the schemes: about:, moz-extension:, and resource:. As with testing to see what webpages exist on the internet, the combinations of possible URIs is vast, making it unreasonable to search exhaustively. For some specific extensions, you can test for exact known resources.
You can test for changes to the DOM, or applied CSS. If you know the effects which a specific add-on has on the DOM (insertions, removals, etc.) or computed style for specific elements, you can test explicitly for those effects. You can also test generally for changes that are ones which you don't expect to see. While testing generally for unexpected changes may tell you that it is likely that an add-on has affected your page, without knowing specific expected changes made by known add-ons and being able to compare the actual changes with the expected changes, you will not be able to say which add-on performed such changes.
You can also test for changes that have been made to your environment. An add-on might prevent resources from loading which you expect, make changes to those resources, or add/inject additional resources/properties/variables/functions. You can test to see if there are any new, missing, or changed properties. As with DOM/CSS changes, you can only state that it was probably a specific add-on if you know the effects that add-on has on your environment. As with DOM changes, you can make a general comparison against what you expect to see in each browser (and version). Again, this can tell you that something was changed, but without comparing it to known changes you will not be able to say it was a specific add-on (or just a new version of Firefox).
You have to determine what effects any particular add-on has which can be detected by your page. This can be determined by experimentation and/or looking at the add-on's source code. For the vast majority of add-ons, the add-on is primarily written in JavaScript. The source code for which is in the install package (usually a .xpi file, which is a zip format file with the extension name changed to .xpi).
You will only ever know that some changes happened. You might be able to identify the changes you see to be what you expect to be made by a particular add-on, but that does not mean the changes were not made by another add-on. In such a case, it can be very likely that the change was the add-on you are attempting to identify, but it is not 100% guaranteed. Plugins
window.navigator.plugins which provides a PluginArray of Plugin objects describing the plugins which are installed.
