Stop Nefarious Redirects

Detects and stops nefarious URL redirections allows redirects on trusted websites and logs the actions

当前为 2024-04-09 提交的版本,查看 最新版本

  1. // ==UserScript==
  2. // @name         Stop Nefarious Redirects
  3. // @namespace    http://tampermonkey.net/
  4. // @version      2.4
  5. // @description  Detects and stops nefarious URL redirections allows redirects on trusted websites and logs the actions
  6. // @match        http://*/*
  7. // @match        https://*/*
  8. // @grant        none
  9. // @license      MIT
  10. // ==/UserScript==
  11.  
  12. (function() {
  13.     'use strict';
  14.  
  15.     // List of trusted websites or domains where redirects are allowed
  16.     const trustedWebsites = [
  17.          '500px.com',
  18.         'adobe.com',
  19.         'adobe.com',
  20.         'amazon.com',
  21.         'apple.com',
  22.         'arstechnica.com',
  23.         'artstation.com',
  24.         'asana.com',
  25.         'atlassian.com',
  26.         'axios.com',
  27.         'battle.net',
  28.         'bbc.com',
  29.         'behance.net',
  30.         'bestbuy.com',
  31.         'blogger.com',
  32.         'booking.com',
  33.         'buzzfeed.com',
  34.         'canva.com',
  35.         'cnn.com',
  36.         'codecademy.com',
  37.         'constantcontact.com',
  38.         'coursera.org',
  39.         'deviantart.com',
  40.         'discord.com',
  41.         'docusign.com',
  42.         'dribbble.com',
  43.         'dropbox.com',
  44.         'duolingo.com',
  45.         'ebay.com',
  46.         'edx.org',
  47.         'engadget.com',
  48.         'epicgames.com',
  49.         'etsy.com',
  50.         'eurogamer.net',
  51.         'facebook.com',
  52.         'figma.com',
  53.         'flickr.com',
  54.         'forbes.com',
  55.         'framer.com',
  56.         'freecodecamp.org',
  57.         'gamespot.com',
  58.         'gettyimages.com',
  59.         'github.com',
  60.         'gizmodo.com',
  61.         'gog.com',
  62.         'hubspot.com',
  63.         'huffpost.com',
  64.         'humblebundle.com',
  65.         'ign.com',
  66.         'ikea.com',
  67.         'imdb.com',
  68.         'imgur.com',
  69.         'instagram.com',
  70.         'intuit.com',
  71.         'invisionapp.com',
  72.         'itch.io',
  73.         'khanacademy.org',
  74.         'kotaku.com',
  75.         'lifehacker.com',
  76.         'linkedin.com',
  77.         'lynda.com',
  78.         'mailchimp.com',
  79.         'mashable.com',
  80.         'masterclass.com',
  81.         'medium.com',
  82.         'microsoft.com',
  83.         'mozilla.org',
  84.         'msn.com',
  85.         'netflix.com',
  86.         'nytimes.com',
  87.         'origin.com',
  88.         'paypal.com',
  89.         'pcgamer.com',
  90.         'pexels.com',
  91.         'pinterest.com',
  92.         'pixabay.com',
  93.         'pluralsight.com',
  94.         'polygon.com',
  95.         'quora.com',
  96.         'reddit.com',
  97.         'salesforce.com',
  98.         'samsung.com',
  99.         'shutterstock.com',
  100.         'sketch.com',
  101.         'skillshare.com',
  102.         'skype.com',
  103.         'slack.com',
  104.         'soundcloud.com',
  105.         'spotify.com',
  106.         'stackoverflow.com',
  107.         'steamcommunity.com',
  108.         'surveymonkey.com',
  109.         'target.com',
  110.         'techcrunch.com',
  111.         'theguardian.com',
  112.         'theverge.com',
  113.         'tiktok.com',
  114.         'trello.com',
  115.         'tripadvisor.com',
  116.         'tumblr.com',
  117.         'twitch.tv',
  118.         'twitter.com',
  119.         'udemy.com',
  120.         'unsplash.com',
  121.         'Vice.com',
  122.         'vimeo.com',
  123.         'vk.com',
  124.         'vox.com',
  125.         'walmart.com',
  126.         'washingtonpost.com',
  127.         'whatsapp.com',
  128.         'wikimedia.org',
  129.         'wikipedia.org',
  130.         'wired.com',
  131.         'wordpress.com',
  132.         'wsj.com',
  133.         'yahoo.com',
  134.         'yelp.com',
  135.         'youtube.com',
  136.         'zapier.com',
  137.         'zendesk.com',
  138.         'zeplin.io',
  139.         'zoom.us',
  140.        'google.com'
  141.         // Add more trusted websites or domains here
  142.     ];
  143.  
  144.     // Store the original URL
  145.     const originalUrl = window.location.href;
  146.  
  147.     // Flag to track if the script has been activated
  148.     let scriptActivated = false;
  149.  
  150.     // Function to log actions
  151.     function logAction(message) {
  152.         console.log(message);
  153.     }
  154.  
  155.     // Function to check if a website is trusted
  156.     function isTrustedWebsite(url) {
  157.         return trustedWebsites.some(website => url.includes(website));
  158.     }
  159.  
  160.     // Function to handle redirection
  161.     function handleRedirect(event) {
  162.         // Check if the URL has changed
  163.         if (window.location.href !== originalUrl && !scriptActivated) {
  164.             // Check if the current website is trusted
  165.             if (isTrustedWebsite(window.location.href)) {
  166.                 // Allow the redirect on trusted websites
  167.                 return;
  168.             }
  169.  
  170.             // Set the script activation flag
  171.             scriptActivated = true;
  172.  
  173.             // Stop the redirection
  174.             event.preventDefault();
  175.             event.stopPropagation();
  176.  
  177.             // Log the action
  178.             logAction('Nefarious redirection stopped.');
  179.         }
  180.     }
  181.  
  182.     // Function to continuously check for URL changes
  183.     function checkUrlChange() {
  184.         if (window.location.href !== originalUrl && !scriptActivated) {
  185.             // Check if the current website is trusted
  186.             if (isTrustedWebsite(window.location.href)) {
  187.                 // Allow the redirect on trusted websites
  188.                 return;
  189.             }
  190.  
  191.             // Set the script activation flag
  192.             scriptActivated = true;
  193.  
  194.             // Push the original URL into the browser history
  195.             window.history.pushState(null, null, originalUrl);
  196.  
  197.             // Replace the current URL with the original URL
  198.             window.history.replaceState(null, null, originalUrl);
  199.  
  200.             // Log the action
  201.             logAction('Nefarious redirection stopped. Original URL loaded.');
  202.         }
  203.  
  204.         // Reset the script activation flag
  205.         scriptActivated = false;
  206.  
  207.         // Schedule the next check
  208.         setTimeout(checkUrlChange, 100);
  209.     }
  210.  
  211.     // Listen for the beforeunload event (forward direction)
  212.     window.addEventListener('beforeunload', handleRedirect);
  213.  
  214.     // Listen for the popstate event (backward direction)
  215.     window.addEventListener('popstate', handleRedirect);
  216.  
  217.     // Start checking for URL changes
  218.     checkUrlChange();
  219. })();