How Fugu is the Web?
An extension to shine light on the Project Fugu 🐡 APIs web apps want to use.
Hvad er How Fugu is the Web??
How Fugu is the Web? er en Chrome-udvidelse udviklet af Thomas Steiner, og dens hovedfunktion er "An extension to shine light on the Project Fugu 🐡 APIs web apps want to use.".
Udvidelsesskærmbilleder
Download How Fugu is the Web?-udvidelses-CRX-fil
Download How Fugu is the Web?-udvidelsesfiler i crx-format, installer Chrome-udvidelser manuelt i browseren eller del crx-filer med venner for nemt at installere Chrome-udvidelser.
Brugsanvisning til Udvidelsen
How it works API data The raw data for the different Project Fugu 🐡 APIs is curated in a spreadsheet, which is then turned into JavaScript, so keeping the list of APIs updated is hopefully a straightforward task. API detection The extension monitors the requests a page makes via the chrome.webRequest.onBeforeRequest.addListener() API. Each response body, grouped by main frame, JavaScript, and Web App Manifest response bodies, is then run through a set of regular expressions like /navigator\.hid\.requestDevice\s*\(/g to determine if the code hints at a Project Fugu 🐡 API potentially being used. Browser support detection Most Project Fugu 🐡 APIs are easily feature-detectable by checking for the existence of interfaces or properties, for example, as in 'BarcodeDetector' in window. Other APIs require a ServiceWorkerRegistration, but luckily the popup window in Manifest V3 extensions uses a service worker, so it can be used via an IIFE that can be run in the client or the service worker. An example is (async () => 'periodicSync' in (await navigator.serviceWorker?.ready || self.registration))(). The support categories are listed below: ✔️ Supported by your browser. 🚫 Not supported by your browser. 🤷 Support unknown for your browser. (The only way to know would be user-agent sniffing.) Deep-linking The extension makes use of Text Fragment URLs to deep-link to the occurrence of a detected API, for example https://airhorner.com/scripts/main.min.js#:~:text=navigator.setAppBadge(. For main frame documents, the source code gets rendered in a helper HTML page controlled by the extension, since it is impossible to link to view-source: protocol links. Limitations • The chrome.webRequest.onBeforeRequest.addListener() API unfortunately does not "see" requests that are handled by a service worker (crbug.com/766433). There are three possible workarounds for this: - Hard-reload via ⌘/ctrl+shift+r. - Open DevTools and check the Bypass for network checkbox in the Service Worker section of the Application tab. - Clear storage in the Storage section of the Application tab. • The extension only does static code analysis, that is, there is no guarantee that the app actually uses the code snippet where a Project Fugu 🐡 API was detected. • Heavily minified code will not be detected. For example, if an app minifies navigator.clipboard.write() to const nav = navigator; nav.clipboard.write(), the extension will not detect this. License Apache 2.0.
Grundlæggende oplysninger om udvidelsen
Navn | How Fugu is the Web? |
ID | apcghpabklkjjgpfoplnglnjghonjhdl |
Officiel URL | https://chromewebstore.google.com/detail/how-fugu-is-the-web/apcghpabklkjjgpfoplnglnjghonjhdl |
Beskrivelse | An extension to shine light on the Project Fugu 🐡 APIs web apps want to use. |
Filstørrelse | 125 KB |
Antal Installationer | 78 |
Nuværende Version | 1.17.0 |
Senest Opdateret | 2024-01-10 |
Udgivelsesdato | 2021-06-23 |
Udvikler | Thomas Steiner |
[email protected] | |
Betalingsmetode | free |
Udvidelseswebsted | https://github.com/tomayac/project-fugu-api-detector |
Hjælpeside-URL | https://github.com/tomayac/project-fugu-api-detector/issues |
URL til Fortrolighedspolitik Side | https://raw.githubusercontent.com/tomayac/blogccasion/master/privacy-policy.txt |
Understøttede Sprog | en |
manifest.json | |
{ "update_url": "https:\/\/clients2.google.com\/service\/update2\/crx", "name": "__MSG_extName__", "description": "__MSG_extDescription__", "version": "1.17.0", "default_locale": "en", "manifest_version": 3, "background": { "service_worker": "background.js" }, "permissions": [ "activeTab", "webRequest", "webNavigation" ], "host_permissions": [ "https:\/\/*\/*" ], "action": { "default_popup": "popup.html", "default_icon": { "320": ".\/assets\/blowfish.png" }, "default_title": "__MSG_noAPIsDetected__" }, "content_scripts": [ { "js": [ "contentInject.js" ], "matches": [ " |