Google发布Chrome官方扩展DOM Snitch

　　Google今天发布了一个名为DOM Snitch的Chrome官方扩展，它可以让开发者和安全人士在浏览网站时自动识别出不安全的代码，这种扩展的灵感其实是来自于5周之前一家安全公司Mind Security在Firefox上的作品DOMinator，使用这种工具用户可以轻易发现例如XSS、数据泄漏等问题，并指出问题所在的代码段，帮助用户规避以及厂商发现后修补。

　　Real-time: Developers and testers can observe DOM modifications as they happen inside the browser without the need to step through JavaScript code with a debugger or pause the execution of their application.

　　Easy to use: With built-in security heuristics and nested view, both advanced and lesexperienced developers and testers can quickly spot areas of the application being tested that need more attention.

　　Easier collaboration: Enables developers and testers to easily export and share captured DOM modifications while troubleshooting an issue with their peers.

下载:DOM Snitch