How Fugu is the Web?

An extension to shine light on the Project Fugu 🐡 APIs web apps want to use.

Τι είναι το How Fugu is the Web?;

Το How Fugu is the Web? είναι ένα πρόσθετο Chrome που αναπτύχθηκε από τον Thomas Steiner, και η κύρια λειτουργία του είναι "An extension to shine light on the Project Fugu 🐡 APIs web apps want to use.".

Στιγμιότυπα Επέκτασης

screenshot
screenshot
screenshot
screenshot

Λήψη αρχείου CRX της επέκτασης How Fugu is the Web?

Λήψη αρχείων επέκτασης How Fugu is the Web? σε μορφή crx, εγκατάσταση των επεκτάσεων Chrome μη αυτόματα στον περιηγητή ή κοινοποίηση των αρχείων crx με φίλους για εύκολη εγκατάσταση των επεκτάσεων Chrome.

Οδηγίες Χρήσης της Επέκτασης

                        How it works

API data

The raw data for the different Project Fugu 🐡 APIs is curated in a spreadsheet, which is then turned into JavaScript, so keeping the list of APIs updated is hopefully a straightforward task.

API detection

The extension monitors the requests a page makes via the chrome.webRequest.onBeforeRequest.addListener() API. Each response body, grouped by main frame, JavaScript, and Web App Manifest response bodies, is then run through a set of regular expressions like /navigator\.hid\.requestDevice\s*\(/g to determine if the code hints at a Project Fugu 🐡 API potentially being used.

Browser support detection

Most Project Fugu 🐡 APIs are easily feature-detectable by checking for the existence of interfaces or properties, for example, as in 'BarcodeDetector' in window. Other APIs require a ServiceWorkerRegistration, but luckily the popup window in Manifest V3 extensions uses a service worker, so it can be used via an IIFE that can be run in the client or the service worker. An example is (async () => 'periodicSync' in (await navigator.serviceWorker?.ready || self.registration))().

The support categories are listed below:

✔️ Supported by your browser.
🚫 Not supported by your browser.
🤷 Support unknown for your browser. (The only way to know would be user-agent sniffing.)

Deep-linking

The extension makes use of Text Fragment URLs to deep-link to the occurrence of a detected API, for example https://airhorner.com/scripts/main.min.js#:~:text=navigator.setAppBadge(. For main frame documents, the source code gets rendered in a helper HTML page controlled by the extension, since it is impossible to link to view-source: protocol links.

Limitations

• The chrome.webRequest.onBeforeRequest.addListener() API unfortunately does not "see" requests that are handled by a service worker (crbug.com/766433). There are three possible workarounds for this:
  - Hard-reload via ⌘/ctrl+shift+r.
  - Open DevTools and check the Bypass for network checkbox in the Service Worker section of the Application tab.
  - Clear storage in the Storage section of the Application tab.
• The extension only does static code analysis, that is, there is no guarantee that the app actually uses the code snippet where a Project Fugu 🐡 API was detected.
• Heavily minified code will not be detected. For example, if an app minifies navigator.clipboard.write() to const nav = navigator; nav.clipboard.write(), the extension will not detect this.

License

Apache 2.0.                    

Βασικές Πληροφορίες Επέκτασης

Όνομα How Fugu is the Web? How Fugu is the Web?
ID apcghpabklkjjgpfoplnglnjghonjhdl
Επίσημο URL https://chromewebstore.google.com/detail/how-fugu-is-the-web/apcghpabklkjjgpfoplnglnjghonjhdl
Περιγραφή An extension to shine light on the Project Fugu 🐡 APIs web apps want to use.
Μέγεθος Αρχείου 125 KB
Αριθμός Εγκαταστάσεων 78
Τρέχουσα Έκδοση 1.17.0
Τελευταία Ενημέρωση 2024-01-10
Ημερομηνία Δημοσίευσης 2021-06-23
Προγραμματιστής Thomas Steiner
Ηλεκτρονικό ταχυδρομείο [email protected]
Τύπος Πληρωμής free
Ιστότοπος Επέκτασης https://github.com/tomayac/project-fugu-api-detector
Διεύθυνση URL της Σελίδας Βοήθειας https://github.com/tomayac/project-fugu-api-detector/issues
URL της Σελίδας Πολιτικής Απορρήτου https://raw.githubusercontent.com/tomayac/blogccasion/master/privacy-policy.txt
Υποστηριζόμενες Γλώσσες en
manifest.json
{
    "update_url": "https:\/\/clients2.google.com\/service\/update2\/crx",
    "name": "__MSG_extName__",
    "description": "__MSG_extDescription__",
    "version": "1.17.0",
    "default_locale": "en",
    "manifest_version": 3,
    "background": {
        "service_worker": "background.js"
    },
    "permissions": [
        "activeTab",
        "webRequest",
        "webNavigation"
    ],
    "host_permissions": [
        "https:\/\/*\/*"
    ],
    "action": {
        "default_popup": "popup.html",
        "default_icon": {
            "320": ".\/assets\/blowfish.png"
        },
        "default_title": "__MSG_noAPIsDetected__"
    },
    "content_scripts": [
        {
            "js": [
                "contentInject.js"
            ],
            "matches": [
                ""
            ],
            "run_at": "document_start"
        }
    ],
    "icons": {
        "320": ".\/assets\/blowfish.png"
    }
}