“XSS Auditor” and “Disable outdated plug-ins” To Add More Security to Google Chrome – Inbuilt!

XSS Protection on Chrome

Google Chrome is the safest browser available today. To make it even more secure, the Chromium team is working on built-in XSS protection and a feature that disables outdated plug-ins automatically.

What is XSS or Cross-Site Scripting?

Cross-site scripting (XSS) is a type of computer security vulnerability, typically found in web applications, that enables attackers to inject client-side script into web pages viewed by other users.

XSS Auditor: Enables WebKit’s XSS Auditor (cross-site scripting protection). This feature aims to protect you from certain attacks of malicious web sites. It improves your security, but it might not be compatible with all web sites.
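How a reflected-XSS filter of this kind can work, and why it "might not be compatible with all web sites", shown as an added example (a simplified sketch, not WebKit's or Chromium's code): it flags script in a response when the same text arrived in the request. The function names, `MIN_LEN` and the `shop.example` samples are assumptions constructed for illustration.

```javascript
// Simplified reflected-XSS check: flag script in a response when the same
// text arrived in the request. Illustration only, not WebKit's implementation.
// All names (auditResponse, extractScripts, MIN_LEN) and samples are constructed.
const MIN_LEN = 8; // skip short values that would match by coincidence

// Lowercase and drop whitespace so trivially reformatted copies still match.
const normalize = (s) => s.toLowerCase().replace(/\s+/g, "");

// Collect inline <script> bodies and on* event-handler attribute values.
function extractScripts(html) {
  const found = [];
  const inline = /<script\b[^>]*>([\s\S]*?)<\/script\s*>/gi;
  const handler = /\son\w+\s*=\s*(["'])([\s\S]*?)\1/gi;
  let m;
  while ((m = inline.exec(html)) !== null) found.push(m[1].trim());
  while ((m = handler.exec(html)) !== null) found.push(m[2].trim());
  return found.filter((s) => normalize(s).length >= MIN_LEN);
}

// Return the scripts in `html` whose text also appears in a query parameter.
function auditResponse(requestUrl, html) {
  // URLSearchParams percent-decodes the values for us.
  const params = [...new URL(requestUrl).searchParams.values()].map(normalize);
  return extractScripts(html).filter((script) =>
    params.some((p) => p.includes(normalize(script))));
}

const SAMPLES = {
  // The script in the page was supplied by the request: flagged.
  reflected: {
    url: "https://shop.example/search?q=%3Cscript%3Ealert('xss-test')%3C%2Fscript%3E",
    html: "<p>Results for <script>alert('xss-test')</script></p>",
  },
  // The site's own script, unrelated to the request: not flagged.
  clean: {
    url: "https://shop.example/search?q=red+shoes",
    html: "<p>Results for red shoes</p><script>renderResults()</script>",
  },
  // The site's own static script happens to match a parameter: flagged anyway.
  falsePositive: {
    url: "https://shop.example/gallery?onload=startSlideshow()",
    html: "<script>startSlideshow()</script>",
  },
};

for (const [name, s] of Object.entries(SAMPLES)) {
  console.log(name, auditResponse(s.url, s.html));
}
```

A filter like this only sees what the current request carried, so script that reaches the page by any other route passes through it unflagged.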

Do you remember the recent Bom Sabado attack on Orkut.com? Hackers used XSS to attack the website and spread unwanted messages around, and that too without any action from the user. (Normally hackers catch you when you click on a link or open a file, but with XSS no action is required from you; it will do its job well without it 😉)

Disable outdated plug-ins: Automatically disables plug-ins with known security vulnerabilities and offers update links for them.

Outdated plug-ins create another loophole for hackers to gain control of your system. Most of the time, plug-in authors roll out new updates to fix vulnerabilities. This is very true in the case of Flash on browsers. Chrome is now able to update Flash without you having to bother about it, and with this new feature Chrome will also disable any other outdated plug-ins you have.

Get This Feature Now!

You can enable this from the Chromium Labs page right now. You will need the latest Chromium build. Download and install it, then visit about:labs, where you can enable this feature and many others, like remoting.

Warning – Chromium should be used for testing purposes only. It lacks automatic updates, which can expose you to security risks if you are not updating it yourself.

Dinsan made Google Chrome his default browser within hours of its release. He fell in love with Chromebooks from the day he first touched one and is currently obsessed with Chromecasts.

  • vasa1 02/10/2010, 8:36 am

    It’s good that Chrome is acting against XSS. Some people would claim that Firefox was/is more secure in this respect because of the NoScript add-on.