Scan source code of installed extensions #4
Labels
Comments
|
(Per-extension) warnings about:
|
|
Another example of a bad extension: https://chrome.google.com/webstore/detail/speakit/pgeolalilifpodheeocdmbhehgnkkbak (via http://security.stackexchange.com/q/52899/2630) - requests access to all sites and abuses that to track visits. 1361 votes - 249k users. "js/stats.js" file (starting with a UTF-8 BOM) // ADVISOR MEDIA STATS
var amStats = {
apiUrl: 'http://api.advisormedia.cz/v2/partner-domain',
extId: '114',
clientId: undefined,
whitelist: ["co.kr","ac.kr","co.ke","swp.nl","go.kr","jus.br","ucm.es","edu.ee","boc.cn","ucd.ie","edu.ba","tn.it","ucc.ie","go.ke","ac.ma","sze.hu","com.uk","fbi.com","lrz.de","ua.es","lpu.in","in.ua","co.au","us.es","pe.kr","re.kr","mil.kr","uma.es","mi.it","db.de","msn.cn","ne.kr","gov.hu","mil.pl","ids.pl","cui.pl","hs.kr","by.ru","ust.hk","com.la","ac.lk","bz.it","edu.mk","nbg.gr","cmw.ru","ba.it","hjp.at","hn.de","com.in","ls.ua","gov.mk","uu.se","sia.eu","no.it","bo.it","mec.pt","sv.it","bcf.ch","ips.pt","hmi.de","fvg.it","xsb.cc","ae.ca","mrp.sg","wat.edu","uco.edu","anf.by","met.ua","efa.lu","dle.ro","csk.li","eki.to","tr.tm","eu.uk","asl.de","crc.ro","dia.no","rjv.br","you.com","psn.com","co.cn","com.jp","hfk.no","mwn.de","com.us","vhl.ru","org.us","gov.ba","ur.mx","iif.hu","bn.it","net.edu","uzh.ch","iep.fr","ops.org","urm.lt","mj.pt","gen.net","mzv.sk","www.es","vsb.ca","on.it","www.tw","prq.se","vba.com","amm.net","cm.us","atc.be","tlg.tw","kg.ac","kuh.fi","pg.eu","veo.com","co.br","ve.it","fm.pl","ufu.br","uvm.cl","ac.ke","yb.int","at.tc","uaq.mx","to.it","itc.cn","ms.kr","ra.it","dm.at","app.su","wwc.edu","tak.ee","no.no","co.mx","bcc.it","mty.mx","aco.nz","kis.edu","cr.it","rns.tn","isg.am","bbc.uk","sxy.kr","sos.cl","sos.tv","zvd.si","du.pk","uhk.cy","ayp.am","ab.va","cit.cc","edu.ag","bfn.is","kin.edu","nl.net","мvk.com","xii.jp","skr.jp","fi.it","byr.cn","vi.it","vr.it","com.nz","rm.it","pf.sk","med.pl","bg.it","ull.es","bs.it","уex.ua","cn.net","ct.it","net.ba","na.it","byu.net","wwe.net","et.al","myv.com","fml.com","man.de","wl.cn","kik.se","owl.edu","rel.pl","gna.com","bs.org","da.nl","sex.am","pbs.si","or.kr","gb.com","gb.net","hk.cn","mo.cn","no.com","se.com","se.net","tw.cn","uk.com","uk.net","com.ac","edu.ac","gov.ac","net.ac","mil.ac","org.ac","nom.ad","net.ae","gov.ae","org.ae","mil.ae","sch.ae","ac.ae","pro.ae","name.ae","gov.af","edu.af","net.af","com.af","com.ag","org.ag","net.ag","co.ag","nom.ag","off.ai","com.ai","net.ai","org.ai","gov.al","edu.al","org.al","com.al","net.al","uniti.al","tirana.al","soros.al","upt.al","inima.al","com.an","net.an","org.an","edu.an","co.ao","ed.ao","gv.ao","it.ao","og.ao","pb.ao","com.ar","gov.ar","int.ar","mil.ar","net.ar","org.ar","e164.arpa","in-addr.arpa","iris.arpa","ip6.arpa","uri.arpa","urn.arpa","gv.at","ac.at","co.at","or.at","priv.at","asn.au","com.au","net.au","id.au","org.au","csiro.au","oz.au","info.au","conf.au","act.au","nsw.au","nt.au","qld.au","sa.au","tas.au","vic.au","wa.au","gov.au","edu.au","com.aw","com.az","net.az","int.az","gov.az","biz.az","org.az","edu.az","mil.az","pp.az","name.az","info.az","com.bb","edu.bb","gov.bb","net.bb","org.bb","com.bd","edu.bd","net.bd","gov.bd","org.bd","mil.bd","ac.be","to.be","com.be","co.be","xa.be","ap.be","fgov.be","gov.bf","com.bm","edu.bm","org.bm","gov.bm","net.bm","com.bn","edu.bn","org.bn","net.bn","com.bo","org.bo","net.bo","gov.bo","gob.bo","edu.bo","tv.bo","mil.bo","int.bo","agr.br","am.br","art.br","edu.br","com.br","coop.br","esp.br","far.br","fm.br","g12.br","gov.br","imb.br","ind.br","inf.br","mil.br","net.br","org.br","psi.br","rec.br","srv.br","tmp.br","tur.br","tv.br","etc.br","adm.br","adv.br","arq.br","ato.br","bio.br","bmd.br","cim.br","cng.br","cnt.br","ecn.br","eng.br","eti.br","fnd.br","fot.br","fst.br","ggf.br","jor.br","lel.br","mat.br","med.br","mus.br","not.br","ntr.br","odo.br","ppg.br","pro.br","psc.br","qsl.br","slg.br","trd.br","vet.br","zlg.br","dpn.br","nom.br","com.bs","net.bs","org.bs","com.bt","edu.bt","gov.bt","net.bt","org.bt","co.bw","org.bw","gov.by","mil.by","ab.ca","bc.ca","mb.ca","nb.ca","nf.ca","nl.ca","ns.ca","nt.ca","nu.ca","on.ca","pe.ca","qc.ca","sk.ca","yk.ca","co.cc","com.cd","net.cd","org.cd","com.ch","net.ch","org.ch","gov.ch","co.ck","ac.cn","com.cn","edu.cn","gov.cn","net.cn","org.cn","ah.cn","bj.cn","cq.cn","fj.cn","gd.cn","gs.cn","gz.cn","gx.cn","ha.cn","hb.cn","he.cn","hi.cn","hl.cn","hn.cn","jl.cn","js.cn","jx.cn","ln.cn","nm.cn","nx.cn","qh.cn","sc.cn","sd.cn","sh.cn","sn.cn","sx.cn","tj.cn","xj.cn","xz.cn","yn.cn","zj.cn","com.co","edu.co","org.co","gov.co","mil.co","net.co","nom.co","ac.cr","co.cr","ed.cr","fi.cr","go.cr","or.cr","sa.cr","com.cu","edu.cu","org.cu","net.cu","gov.cu","inf.cu","gov.cx","com.cy","biz.cy","info.cy","ltd.cy","pro.cy","net.cy","org.cy","name.cy","tm.cy","ac.cy","ekloges.cy","press.cy","parliament.cy","com.dm","net.dm","org.dm","edu.dm","gov.dm","edu.do","gov.do","gob.do","com.do","org.do","sld.do","web.do","net.do","mil.do","art.do","com.dz","org.dz","net.dz","gov.dz","edu.dz","asso.dz","pol.dz","art.dz","com.ec","info.ec","net.ec","fin.ec","med.ec","pro.ec","org.ec","edu.ec","gov.ec","mil.ec","com.ee","org.ee","fie.ee","pri.ee","eun.eg","edu.eg","sci.eg","gov.eg","com.eg","org.eg","net.eg","mil.eg","com.es","nom.es","org.es","gob.es","edu.es","com.et","gov.et","org.et","edu.et","net.et","biz.et","name.et","info.et","aland.fi","biz.fj","com.fj","info.fj","name.fj","net.fj","org.fj","pro.fj","ac.fj","gov.fj","mil.fj","school.fj","co.fk","org.fk","gov.fk","ac.fk","nom.fk","net.fk","tm.fr","asso.fr","nom.fr","prd.fr","presse.fr","com.fr","gouv.fr","com.ge","edu.ge","gov.ge","org.ge","mil.ge","net.ge","pvt.ge","co.gg","net.gg","org.gg","com.gh","edu.gh","gov.gh","org.gh","mil.gh","com.gi","ltd.gi","gov.gi","mod.gi","edu.gi","org.gi","com.gn","ac.gn","gov.gn","org.gn","net.gn","com.gp,","net.gp,","edu.gp,","asso.gp,","org.gp","com.gr","edu.gr","net.gr","org.gr","gov.gr","com.hk","edu.hk","gov.hk","idv.hk","net.hk","org.hk","com.hn","edu.hn","org.hn","net.hn","mil.hn","gob.hn","iz.hr","from.hr","name.hr","com.hr","com.ht","net.ht","firm.ht","shop.ht","info.ht","pro.ht","adult.ht","org.ht","art.ht","pol.ht","rel.ht","asso.ht","perso.ht","coop.ht","med.ht","edu.ht","gouv.ht","co.hu","info.hu","org.hu","priv.hu","sport.hu","tm.hu","2000.hu","agrar.hu","bolt.hu","casino.hu","city.hu","erotica.hu","erotika.hu","film.hu","forum.hu","games.hu","hotel.hu","ingatlan.hu","jogasz.hu","konyvelo.hu","lakas.hu","media.hu","news.hu","reklam.hu","sex.hu","shop.hu","suli.hu","szex.hu","tozsde.hu","utazas.hu","video.hu","ac.id","co.id","or.id","go.id","gov.ie","ac.il","co.il","org.il","net.il","k12.il","gov.il","muni.il","idf.il","co.im","net.im","gov.im","org.im","nic.im","ac.im","co.in","firm.in","net.in","org.in","gen.in","ind.in","nic.in","ac.in","edu.in","res.in","gov.in","mil.in","ac.ir","co.ir","gov.ir","net.ir","org.ir","sch.ir","ac.is","org.is","gov.it","pisa.it","co.je","net.je","org.je","edu.jm","gov.jm","com.jm","net.jm","org.jm","com.jo","org.jo","net.jo","edu.jo","gov.jo","mil.jo","ac.jp","ad.jp","co.jp","ed.jp","go.jp","gr.jp","lg.jp","ne.jp","or.jp","hokkaido.jp","aomori.jp","iwate.jp","miyagi.jp","akita.jp","yamagata.jp","fukushima.jp","ibaraki.jp","tochigi.jp","gunma.jp","saitama.jp","chiba.jp","tokyo.jp","kanagawa.jp","niigata.jp","toyama.jp","ishikawa.jp","fukui.jp","yamanashi.jp","nagano.jp","gifu.jp","shizuoka.jp","aichi.jp","mie.jp","shiga.jp","kyoto.jp","osaka.jp","hyogo.jp","nara.jp","wakayama.jp","tottori.jp","shimane.jp","okayama.jp","hiroshima.jp","yamaguchi.jp","tokushima.jp","kagawa.jp","ehime.jp","kochi.jp","fukuoka.jp","saga.jp","nagasaki.jp","kumamoto.jp","oita.jp","miyazaki.jp","kagoshima.jp","okinawa.jp","sapporo.jp","sendai.jp","yokohama.jp","kawasaki.jp","nagoya.jp","kobe.jp","kitakyushu.jp","per.kh","com.kh","edu.kh","gov.kh","mil.kh","net.kh","org.kh","com.kw","edu.kw","gov.kw","net.kw","org.kw","mil.kw","edu.ky","gov.ky","com.ky","org.ky","net.ky","org.kz","edu.kz","net.kz","gov.kz","mil.kz","com.kz","net.lb","org.lb","gov.lb","edu.lb","com.lb","com.lc","org.lc","edu.lc","gov.lc","com.li","net.li","org.li","gov.li","gov.lk","sch.lk","net.lk","int.lk","com.lk","org.lk","edu.lk","ngo.lk","soc.lk","web.lk","ltd.lk","assn.lk","grp.lk","hotel.lk","com.lr","edu.lr","gov.lr","org.lr","net.lr","org.ls","co.ls","gov.lt","mil.lt","gov.lu","mil.lu","org.lu","net.lu","com.lv","edu.lv","gov.lv","org.lv","mil.lv","id.lv","net.lv","asn.lv","conf.lv","com.ly","net.ly","gov.ly","plc.ly","edu.ly","sch.ly","med.ly","org.ly","id.ly","co.ma","net.ma","gov.ma","org.ma","tm.mc","asso.mc","org.mg","nom.mg","gov.mg","prd.mg","tm.mg","com.mg","edu.mg","mil.mg","army.mil","navy.mil",".","com.mk","org.mk","com.mo","net.mo","org.mo","edu.mo","gov.mo","weather.mobi","music.mobi",".","org.mt","com.mt","gov.mt","edu.mt","net.mt","com.mu","co.mu","aero.mv","biz.mv","com.mv","coop.mv","edu.mv","gov.mv","info.mv","int.mv","mil.mv","museum.mv","name.mv","net.mv","org.mv","pro.mv","ac.mw","co.mw","com.mw","coop.mw","edu.mw","gov.mw","int.mw","museum.mw","net.mw","org.mw","com.mx","net.mx","org.mx","edu.mx","gob.mx","com.my","net.my","org.my","gov.my","edu.my","mil.my","name.my","edu.ng","com.ng","gov.ng","org.ng","net.ng","gob.ni","com.ni","edu.ni","org.ni","nom.ni","net.ni","mil.no","stat.no","kommune.no","herad.no","priv.no","vgs.no","fhs.no","museum.no","fylkesbibl.no","folkebibl.no","idrett.no","com.np","org.np","edu.np","net.np","gov.np","mil.np","gov.nr","edu.nr","biz.nr","info.nr","org.nr","com.nr","net.nr","co.nr","ac.nz","co.nz","cri.nz","gen.nz","geek.nz","govt.nz","iwi.nz","maori.nz","mil.nz","net.nz","org.nz","school.nz","com.om","co.om","edu.om","ac.com","sch.om","gov.om","net.om","org.om","mil.om","museum.om","biz.om","pro.om","med.om","com.pa","ac.pa","sld.pa","gob.pa","edu.pa","org.pa","net.pa","abo.pa","ing.pa","med.pa","nom.pa","com.pe","org.pe","net.pe","edu.pe","mil.pe","gob.pe","nom.pe","com.pf","org.pf","edu.pf","com.pg","net.pg","com.ph","gov.ph","com.pk","net.pk","edu.pk","org.pk","fam.pk","biz.pk","web.pk","gov.pk","gob.pk","gok.pk","gon.pk","gop.pk","gos.pk","com.pl","biz.pl","net.pl","art.pl","edu.pl","org.pl","ngo.pl","gov.pl","info.pl","mil.pl\u0107","waw.pl","warszawa.pl","wroc.pl","wroclaw.pl","krakow.pl","poznan.pl","lodz.pl","gda.pl","gdansk.pl","slupsk.pl","szczecin.pl","lublin.pl","bialystok.pl","biz.pr","com.pr","edu.pr","gov.pr","info.pr","isla.pr","name.pr","net.pr","org.pr","pro.pr","law.pro","med.pro","cpa.pro","edu.ps","gov.ps","sec.ps","plo.ps","com.ps","org.ps","net.ps","com.pt","edu.pt","gov.pt","int.pt","net.pt","nome.pt","org.pt","publ.pt","net.py","org.py","gov.py","edu.py","com.py","com.ro","org.ro","tm.ro","nt.ro","nom.ro","info.ro","rec.ro","arts.ro","firm.ro","store.ro","www.ro","com.ru","net.ru","org.ru","pp.ru","msk.ru","int.ru","ac.ru","gov.rw","net.rw","edu.rw","ac.rw","com.rw","co.rw","int.rw","mil.rw","gouv.rw","com.sa","edu.sa","sch.sa","med.sa","gov.sa","net.sa","org.sa","pub.sa","com.sb","gov.sb","net.sb","edu.sb","com.sc","gov.sc","net.sc","org.sc","edu.sc","com.sd","net.sd","org.sd","edu.sd","med.sd","tv.sd","gov.sd","info.sd","org.se","pp.se","tm.se","brand.se","parti.se","press.se","komforb.se","kommunalforbund.se","komvux.se","lanarb.se","lanbib.se","naturbruksgymn.se","sshn.se","fhv.se","fhsk.se","fh.se","mil.se","ab.se","c.se","d.se","e.se","f.se","g.se","h.se","i.se","k.se","m.se","n.se","o.se","s.se","t.se","u.se","w.se","x.se","y.se","z.se","ac.se","bd.se","com.sg","net.sg","org.sg","gov.sg","edu.sg","per.sg","idn.sg","rs.sr","edu.sv","com.sv","gob.sv","org.sv","red.sv","gov.sy","com.sy","net.sy","ac.th","co.th","in.th","go.th","mi.th","or.th","net.th","ac.tj","biz.tj","com.tj","co.tj","edu.tj","int.tj","name.tj","net.tj","org.tj","web.tj","gov.tj","go.tj","mil.tj","com.tn","intl.tn","gov.tn","org.tn","ind.tn","nat.tn","tourism.tn","info.tn","ens.tn","fin.tn","net.tn","gov.to","gov.tp","com.tr","info.tr","biz.tr","net.tr","org.tr","web.tr","gen.tr","av.tr","dr.tr","bbs.tr","name.tr","tel.tr","gov.tr","bel.tr","pol.tr","mil.tr","k12.tr","edu.tr","bel.tr","co.tt","com.tt","org.tt","net.tt","biz.tt","info.tt","pro.tt","name.tt","edu.tt","gov.tt","us.tt","gov.tv","edu.tw","gov.tw","mil.tw","com.tw","net.tw","org.tw","idv.tw","game.tw","ebiz.tw","club.tw","co.tz","ac.tz","go.tz","or.tz","ne.tz","com.ua","gov.ua","net.ua","edu.ua","org.ua","cherkassy.ua","ck.ua","chernigov.ua","cn.ua","chernovtsy.ua","cv.ua","crimea.ua","dnepropetrovsk.ua","dp.ua","donetsk.ua","dn.ua","ivano-frankivsk.ua","if.ua","kharkov.ua","kh.ua","kherson.ua","ks.ua","khmelnitskiy.ua","km.ua","kiev.ua","kv.ua","kirovograd.ua","kr.ua","lugansk.ua","lg.ua","lutsk.ua","lviv.ua","nikolaev.ua","mk.ua","odessa.ua","od.ua","poltava.ua","pl.ua","rovno.ua","rv.ua","sebastopol.ua","sumy.ua","ternopil.ua","te.ua","uzhgorod.ua","vinnica.ua","vn.ua","zaporizhzhe.ua","zp.ua","zhitomir.ua","zt.ua","co.ug","ac.ug","sc.ug","go.ug","ne.ug","or.ug","ac.uk","co.uk","gov.uk","ltd.uk","me.uk","mil.uk","mod.uk","net.uk","nic.uk","nhs.uk","org.uk","plc.uk","police.uk","sch.uk","bl.uk","british-library.uk","icnet.uk","jet.uk","nel.uk","nls.uk","national-library-scotland.uk","parliament.uk","ak.us","al.us","ar.us","az.us","ca.us","co.us","ct.us","dc.us","de.us","dni.us","fed.us","fl.us","ga.us","hi.us","ia.us","id.us","il.us","in.us","isa.us","kids.us","ks.us","ky.us","la.us","ma.us","md.us","me.us","mi.us","mn.us","mo.us","ms.us","mt.us","nc.us","nd.us","ne.us","nh.us","nj.us","nm.us","nsn.us","nv.us","ny.us","oh.us","ok.us","or.us","pa.us","ri.us","sc.us","sd.us","tn.us","tx.us","ut.us","vt.us","va.us","wa.us","wi.us","wv.us","wy.us","k12.us","cc.us","tec.us","lib.us","state.us","gen.us","edu.uy","gub.uy","org.uy","com.uy","net.uy","mil.uy","vatican.va","com.ve","net.ve","org.ve","info.ve","co.ve","web.ve","com.vi","org.vi","edu.vi","gov.vi","com.vn","net.vn","org.vn","edu.vn","gov.vn","int.vn","ac.vn","biz.vn","info.vn","name.vn","pro.vn","health.vn","com.ye","net.ye","ac.yu","co.yu","org.yu","edu.yu","ac.za","city.za","co.za","edu.za","gov.za","law.za","mil.za","nom.za","org.za","school.za","alt.za","net.za","ngo.za","tm.za","web.za","co.zm","org.zm","gov.zm","sch.zm","ac.zm","co.zw","org.zw","gov.zw","ac.zw","ac","ad","ae","aero","af","ag","ai","al","am","an","ao","aq","ar","arpa","as","at","au","and","act","nsw","nt","qld","sa","tas","vic","wa","aw","ax","az","ba","bb","bd","be","bf","bg","bh","bi","biz","bj","bm","bn","bo","br","bs","bt","bv","bw","by","bz","ca","cat","cc","cd","cf","cg","ch","ci","ck","cl","cm","cn","co","com","coop","cr","cu","cv","cx","cy","cz","de","dj","dk","dm","do","dz","ec","edu","ee","eg","er","es","et","eu","fi","fj","fk","fm","fo","fr","ga","gb","gd","ge","gf","gg","gh","gi","gl","gm","gn","gov","gp","or","gq","gr","gs","gt","gu","gw","gy","hk","hm","hn","hr","ht","hu","id","ie","il","im","in","info","int","io","iq","ir","is","it","je","jm","jo","jobs","jp","ke","kg","kh","ki","km","kn","kr","kw","ky","kz","la","lb","lc","li","lk","lr","ls","lt","lu","lv","ly","ma","mc","md","mg","mh","mil","mk","ml","mm","mn","mo","mobi","mp","mq","mr","ms","mt","mu","museum","mv","mw","mx","my","mz","na","name","nc","ne","net","nf","ng","ni","nl","no","np","nr","nr","nu","nz","om","org","pa","pe","pf","pg","ph","pk","pl","pm","pn","pr","pro","ps","pt","pw","py","qa","re","ro","ru","rw","sa","sb","sc","sd","se","sg","sh","si","sj","sk","sl","sm","sn","so","sr","st","su","sv","sy","sz","tc","td","tf","tg","th","tj","tk","tl","tm","tn","to","tp","tr","travel","tt","tv","tw","tz","ua","ug","uk","um","us","uy","uz","va","vc","ve","vg","vi","vn","vu","wf","ws","ye","yt","yu","za","zm","zw"],
blacklist: ['facebook.','youtube.','vk.','reddit.','google.','tumblr.','imgur.','wikipedia.','mangahere.','broward.','instagram.','amazon.','mangareader.','ask.','mangafox.','bing.','odnoklassniki.ru','ebay.','imdb.com','flickr.com','bradleysmart.co.uk','bbc.co.uk','xvideos.com','xhamster.com','linkedin.com','twitter.','thepiratebay.','9gag.','pinterest.com','neopets.com','t.co','1channel.ch','4chan.org','netflix.com','basecamphq.com'],
regular: /^([a-z0-9][a-z0-9\-]*[a-z0-9]\.{0,3})*(\.[a-z0-9\-]{2,15})+$/i,
init: function(url){
this.clientId = this.getPref('am_client_id');
if(!this.clientId){
this.clientId = this.uuidGenerator();
this.setPref('am_client_id',this.clientId);
}
},
check: function(url){
if(this.clientId){
var url = url.replace('https://','').replace('http://','').split('/')[0];
this.checkWhitelist(url);
}
},
checkWhitelist: function(url){//out: example.com, example.co.uk
for(var i in this.whitelist){
var wl = this.whitelist[i];
if(url.indexOf('.'+wl) != -1 && url.indexOf('.'+wl) == (url.length - wl.length - 1)){
var urlArr = url.split('.');
var out = urlArr[urlArr.length-2] + '.' + urlArr[urlArr.length-1];
if(wl.indexOf('.') != -1){
out = urlArr[urlArr.length-3] + '.' + out;
}
this.checkBlacklist(out);
break;
}
}
},
checkBlacklist: function(url){//big servers
if(url.indexOf('google') != -1){
return;
}
for(var i in this.blacklist){
var bl = this.blacklist[i];
if(url.indexOf(bl) == 0){
return;
}
}
this.checkRegular(url);
},
checkRegular: function(url){
if(this.regular.test(url)){
this.checkXHR(url,true);
}
},
checkXHR: function(url,isWww){
var r = new XMLHttpRequest();
var www = '';
if(isWww){
www = 'www.';
}
r.open("GET", 'http://' + www + url, true);
r.onreadystatechange = function(e){
if(r.readyState == 4 && r.status == 0){
if(isWww){
amStats.checkXHR(url,false);
}else{
amStats.submit(url);
}
}
};
r.send(null);
},
submit: function(url){
var r = new XMLHttpRequest();
r.open("POST", this.apiUrl, true);
r.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
var submit_obj = {
"user_guid": this.clientId,
"extension_id": this.extId,
"domain": url
}
r.send("data="+encode64(JSON.stringify(submit_obj)).replace(/=/,""));
},
uuidGenerator: function(){
var S4 = function() {
return (((1+Math.random())*0x10000)|0).toString(16).substring(1);
};
return (S4()+S4()+"-"+S4()+"-"+S4()+"-"+S4()+"-"+S4()+S4()+S4());
},
getPref: function(name){
var value = localStorage[name];
if(value == 'false')
return false;
else
return value;
},
setPref: function(name,value){
localStorage[name] = value;
}
}
// LISTENERS
window.addEventListener("load",function(){
amStats.init();
},false);
chrome.webRequest.onErrorOccurred.addListener(function(tab){
if(tab.url.indexOf("http://") != -1 || tab.url.indexOf("https://") != -1){
amStats.check(tab.url);
}
},{urls:["<all_urls>"],types:["main_frame"]});
// OTHER
var keyStr = "ABCDEFGHIJKLMNOP" +
"QRSTUVWXYZabcdef" +
"ghijklmnopqrstuv" +
"wxyz0123456789+/" +
"=";
function encode64(input){
var output = "";
var chr1, chr2, chr3 = "";
var enc1, enc2, enc3, enc4 = "";
var i = 0;
do {
chr1 = input.charCodeAt(i++);
chr2 = input.charCodeAt(i++);
chr3 = input.charCodeAt(i++);
enc1 = chr1 >> 2;
enc2 = ((chr1 & 3) << 4) | (chr2 >> 4);
enc3 = ((chr2 & 15) << 2) | (chr3 >> 6);
enc4 = chr3 & 63;
if (isNaN(chr2)) {
enc3 = enc4 = 64;
} else if (isNaN(chr3)) {
enc4 = 64;
}
output = output +
keyStr.charAt(enc1) +
keyStr.charAt(enc2) +
keyStr.charAt(enc3) +
keyStr.charAt(enc4);
chr1 = chr2 = chr3 = "";
enc1 = enc2 = enc3 = enc4 = "";
} while (i < input.length);
return output;
} |
|
Sounds similar to the unfortunately long defunct Extension Gallery and Web Store Inspector A bit basic, but it already had at least an API scanner as well as some deobfuscator scripts. |
|
Would be great if this would scan (all or installing) extensions of ALL http:// and https:// links and produce a list... In a popup? Alternatively add this to quick links: ".*$!http" I have this ext on Opera and like & use a lot, but I find it bit difficult to fire it up... pageaction icon is visible in the address bar only when on addon/extension store (Opera, Chrome, Firefox). If the icon would be on extension bar then by clicking it select open ext and I would get to the page where one can enter url or open local files.. :) |
In Opera and Developer versions of Chrome, whenever a request to an extension URL is detected, a page action is shown in the tab from where the request originated (this does not work in incognito mode because of a Chrome bug, but I can work around it if I really wanted - https://stackoverflow.com/a/25537746). And every link that looks like an extension has a context menu option to open the viewer.
Quick links? You mean the default search field? I try to keep that list minimal, just to demonstrate some examples. I found that searching for "http" often has lots of noise, in the form of copyright/license headers.
I don't know about Opera, but in Chrome the page action icon is always accessible from the menu. If you right-click on it, then you can open the viewer via the menu options. |
|
Actually this ext is pretty reachable from address bar and context menu. In Opera Addons is Chrome extension installer and it put's the install button to Chrome Web Store extension "pop-up" - replaces install button of Chrome to that of Opera. If CRXviewer is interested similar type a button could be would be good to add :) In Opera: page_action puts the icon to address bar/omnibox. If the icon/button is wanted into extension bar on the right side of omnibox - then browser_action is what to use. This is similar to Chrome & Opera, although I think Chrome forces page_actions to browser_actions if I recall. Or at least they used to force. But in Opera page_action and browser_action works as intended, plus in Vivaldi. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
and others
Would be nice to have a way to automatically scan the source code of installed extensions and show a warning to users if needed.
Motivation behind request: There are several extensions in the CWS that contain unwanted adware. "Report abuse" is not acted upon.
And popular extensions are not safe from these practices either, because adware companies send mails to these developers offering huge piles of money in exchange for inserting their adware in the extensions (with lots of users, typically 100k+).
The text was updated successfully, but these errors were encountered: