I’ve commented here many times about Google’s efforts to expand the usage and usability of the Web, efforts that make perfect sense given that Google makes its money selling Web advertising. More people looking at more ads is a Good Thing for Google’s bottom line. As part of its effort, the company has released a number of software tools, most notably the Chrome browser. Its other projects have included Go, a systems programming language; SPDY, a new Web protocol; and new image formats, WebP and WebM. Many of these tools have been developed as open source projects, or have open source versions available.
Google has also introduced a number of testing tools for Web developers; I’ve mentioned Sputnik and Skipfish here before; the ratproxy security tool is another open source offering. Last week, Google announced the availability of a new experimental web security tool, focused on the Document Object Model [DOM] context, called DOM Snitch.
As existing tools focus mostly on testing server-side code, today we are happy to introduce DOM Snitch — an experimental* Chrome extension that enables developers and testers to identify insecure practices commonly found in client-side code.