How Fugu is the Web?

An extension to shine light on the Project Fugu 🐡 APIs web apps want to use.

Hvad er How Fugu is the Web??

How Fugu is the Web? er en Chrome-udvidelse udviklet af Thomas Steiner, og dens hovedfunktion er "An extension to shine light on the Project Fugu 🐡 APIs web apps want to use.".

Udvidelsesskærmbilleder

screenshot
screenshot
screenshot
screenshot

Download How Fugu is the Web?-udvidelses-CRX-fil

Download How Fugu is the Web?-udvidelsesfiler i crx-format, installer Chrome-udvidelser manuelt i browseren eller del crx-filer med venner for nemt at installere Chrome-udvidelser.

Brugsanvisning til Udvidelsen

                        How it works

API data

The raw data for the different Project Fugu 🐡 APIs is curated in a spreadsheet, which is then turned into JavaScript, so keeping the list of APIs updated is hopefully a straightforward task.

API detection

The extension monitors the requests a page makes via the chrome.webRequest.onBeforeRequest.addListener() API. Each response body, grouped by main frame, JavaScript, and Web App Manifest response bodies, is then run through a set of regular expressions like /navigator\.hid\.requestDevice\s*\(/g to determine if the code hints at a Project Fugu 🐡 API potentially being used.

Browser support detection

Most Project Fugu 🐡 APIs are easily feature-detectable by checking for the existence of interfaces or properties, for example, as in 'BarcodeDetector' in window. Other APIs require a ServiceWorkerRegistration, but luckily the popup window in Manifest V3 extensions uses a service worker, so it can be used via an IIFE that can be run in the client or the service worker. An example is (async () => 'periodicSync' in (await navigator.serviceWorker?.ready || self.registration))().

The support categories are listed below:

✔️ Supported by your browser.
🚫 Not supported by your browser.
🤷 Support unknown for your browser. (The only way to know would be user-agent sniffing.)

Deep-linking

The extension makes use of Text Fragment URLs to deep-link to the occurrence of a detected API, for example https://airhorner.com/scripts/main.min.js#:~:text=navigator.setAppBadge(. For main frame documents, the source code gets rendered in a helper HTML page controlled by the extension, since it is impossible to link to view-source: protocol links.

Limitations

• The chrome.webRequest.onBeforeRequest.addListener() API unfortunately does not "see" requests that are handled by a service worker (crbug.com/766433). There are three possible workarounds for this:
  - Hard-reload via ⌘/ctrl+shift+r.
  - Open DevTools and check the Bypass for network checkbox in the Service Worker section of the Application tab.
  - Clear storage in the Storage section of the Application tab.
• The extension only does static code analysis, that is, there is no guarantee that the app actually uses the code snippet where a Project Fugu 🐡 API was detected.
• Heavily minified code will not be detected. For example, if an app minifies navigator.clipboard.write() to const nav = navigator; nav.clipboard.write(), the extension will not detect this.

License

Apache 2.0.

Grundlæggende oplysninger om udvidelsen

Navn How Fugu is the Web? How Fugu is the Web?
ID apcghpabklkjjgpfoplnglnjghonjhdl
Officiel URL https://chromewebstore.google.com/detail/how-fugu-is-the-web/apcghpabklkjjgpfoplnglnjghonjhdl
Beskrivelse An extension to shine light on the Project Fugu 🐡 APIs web apps want to use.
Filstørrelse 125 KB
Antal Installationer 78
Nuværende Version 1.17.0
Senest Opdateret 2024-01-10
Udgivelsesdato 2021-06-23
Udvikler Thomas Steiner
E-mail [email protected]
Betalingsmetode free
Udvidelseswebsted https://github.com/tomayac/project-fugu-api-detector
Hjælpeside-URL https://github.com/tomayac/project-fugu-api-detector/issues
URL til Fortrolighedspolitik Side https://raw.githubusercontent.com/tomayac/blogccasion/master/privacy-policy.txt
Understøttede Sprog en
manifest.json 
{
    "update_url": "https:\/\/clients2.google.com\/service\/update2\/crx",
    "name": "__MSG_extName__",
    "description": "__MSG_extDescription__",
    "version": "1.17.0",
    "default_locale": "en",
    "manifest_version": 3,
    "background": {
        "service_worker": "background.js"
    },
    "permissions": [
        "activeTab",
        "webRequest",
        "webNavigation"
    ],
    "host_permissions": [
        "https:\/\/*\/*"
    ],
    "action": {
        "default_popup": "popup.html",
        "default_icon": {
            "320": ".\/assets\/blowfish.png"
        },
        "default_title": "__MSG_noAPIsDetected__"
    },
    "content_scripts": [
        {
            "js": [
                "contentInject.js"
            ],
            "matches": [
                ""
            ],
            "run_at": "document_start"
        }
    ],
    "icons": {
        "320": ".\/assets\/blowfish.png"
    }
}

Relaterede Udvidelser

NativeExt
NativeExt
Form Troubleshooter
Form Troubleshooter
Parrot API mocking
Parrot API mocking
A Wrench Menu
A Wrench Menu
Service Worker Detector
Service Worker Detector
CrBug Release Indicator
CrBug Release Indicator
xhr-devtool
xhr-devtool
Xposer
Xposer
Finding patterns
Finding patterns
Refuse To Be Human
Refuse To Be Human
Link Router
Link Router
OPFS Explorer
OPFS Explorer