Stop Nefarious Redirects

Detects and stops nefarious URL redirections, allows redirects on trusted websites, and logs the actions.

当前为 2024-04-09 提交的版本,查看 最新版本

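// ==UserScript==
// @name Stop Nefarious Redirects
// @namespace http://tampermonkey.net/
// @version 2.4
// @description Detects and stops nefarious URL redirections allows redirects on trusted websites and logs the actions
// @match http://*/*
// @match https://*/*
// @grant none
// @license MIT
// ==/UserScript==

(function() {
    'use strict';

    // Scope and limits of this script (read before relying on it):
    //  * It can only observe URL changes that happen inside the current
    //    document (history.pushState/replaceState, hash changes). A real
    //    navigation to another page unloads this script before it can compare
    //    URLs, and the destination URL is not exposed to beforeunload handlers.
    //  * The trust decision is made on the page the script is running on, not
    //    on the destination of a redirect.
    //  * With "@grant none" the script shares the page's JavaScript context, so
    //    the page itself can replace the APIs used below. Treat the script as a
    //    convenience, not as a security boundary.

    // Registrable domains on which the script stays passive. Entries must be
    // bare lowercase host names (no scheme, port or path). Each entry also
    // covers all of its subdomains, and some of these services host third-party
    // content on subdomains (for example hosted blogs), so keep the list as
    // short as your own browsing needs.
    const trustedWebsites = [
        '500px.com',
        'adobe.com',
        'amazon.com',
        'apple.com',
        'arstechnica.com',
        'artstation.com',
        'asana.com',
        'atlassian.com',
        'axios.com',
        'battle.net',
        'bbc.com',
        'behance.net',
        'bestbuy.com',
        'blogger.com',
        'booking.com',
        'buzzfeed.com',
        'canva.com',
        'cnn.com',
        'codecademy.com',
        'constantcontact.com',
        'coursera.org',
        'deviantart.com',
        'discord.com',
        'docusign.com',
        'dribbble.com',
        'dropbox.com',
        'duolingo.com',
        'ebay.com',
        'edx.org',
        'engadget.com',
        'epicgames.com',
        'etsy.com',
        'eurogamer.net',
        'facebook.com',
        'figma.com',
        'flickr.com',
        'forbes.com',
        'framer.com',
        'freecodecamp.org',
        'gamespot.com',
        'gettyimages.com',
        'github.com',
        'gizmodo.com',
        'gog.com',
        'hubspot.com',
        'huffpost.com',
        'humblebundle.com',
        'ign.com',
        'ikea.com',
        'imdb.com',
        'imgur.com',
        'instagram.com',
        'intuit.com',
        'invisionapp.com',
        'itch.io',
        'khanacademy.org',
        'kotaku.com',
        'lifehacker.com',
        'linkedin.com',
        'lynda.com',
        'mailchimp.com',
        'mashable.com',
        'masterclass.com',
        'medium.com',
        'microsoft.com',
        'mozilla.org',
        'msn.com',
        'netflix.com',
        'nytimes.com',
        'origin.com',
        'paypal.com',
        'pcgamer.com',
        'pexels.com',
        'pinterest.com',
        'pixabay.com',
        'pluralsight.com',
        'polygon.com',
        'quora.com',
        'reddit.com',
        'salesforce.com',
        'samsung.com',
        'shutterstock.com',
        'sketch.com',
        'skillshare.com',
        'skype.com',
        'slack.com',
        'soundcloud.com',
        'spotify.com',
        'stackoverflow.com',
        'steamcommunity.com',
        'surveymonkey.com',
        'target.com',
        'techcrunch.com',
        'theguardian.com',
        'theverge.com',
        'tiktok.com',
        'trello.com',
        'tripadvisor.com',
        'tumblr.com',
        'twitch.tv',
        'twitter.com',
        'udemy.com',
        'unsplash.com',
        'vice.com',
        'vimeo.com',
        'vk.com',
        'vox.com',
        'walmart.com',
        'washingtonpost.com',
        'whatsapp.com',
        'wikimedia.org',
        'wikipedia.org',
        'wired.com',
        'wordpress.com',
        'wsj.com',
        'yahoo.com',
        'yelp.com',
        'youtube.com',
        'zapier.com',
        'zendesk.com',
        'zeplin.io',
        'zoom.us',
        'google.com',
        // Add more trusted websites or domains here
    ];

    // Normalised copy used for matching: host names are case-insensitive, so
    // an entry added later with capitals or stray whitespace still matches.
    const trustedDomains = trustedWebsites
        .map((domain) => domain.trim().toLowerCase())
        .filter((domain) => domain !== '');

    // URL the document had when the script started; every later comparison is
    // made against this value.
    const originalUrl = window.location.href;

    // Set while a detected change is being handled. checkUrlChange() clears it
    // at the end of every poll, so it only suppresses duplicate handling
    // between two polls.
    let scriptActivated = false;

    /**
     * Write a message to the browser console.
     * @param {string} message - Text to log.
     */
    function logAction(message) {
        console.log(message);
    }

    /**
     * Decide whether a URL belongs to one of the trusted domains.
     *
     * The decision is made on the parsed host name only: it must equal a
     * trusted domain or end with "." + that domain. Matching the trusted name
     * as a substring of the whole URL would also accept URLs that merely carry
     * the name in their path, query string or fragment, or as the leading
     * labels of an unrelated domain, which would let any page switch the
     * protection off.
     *
     * @param {string} url - Absolute URL to test.
     * @returns {boolean} true when the host is a trusted domain or one of its
     *     subdomains; false otherwise, including when the URL cannot be parsed.
     */
    function isTrustedWebsite(url) {
        let hostname;
        try {
            hostname = new URL(url).hostname.toLowerCase();
        } catch (err) {
            // Fail closed: an unparseable URL is never trusted.
            return false;
        }

        // A fully-qualified name may carry a trailing dot ("example.com.").
        if (hostname.endsWith('.')) {
            hostname = hostname.slice(0, -1);
        }

        return trustedDomains.some(
            (domain) => hostname === domain || hostname.endsWith(`.${domain}`)
        );
    }

    /**
     * Event handler for beforeunload and popstate.
     *
     * Acts only when the document URL already differs from the original one.
     * Caveats a reader should know:
     *  - During beforeunload the location normally still shows the current
     *    page, so the comparison is only true after an earlier in-page URL
     *    change that the poll has not reverted yet.
     *  - preventDefault() on beforeunload does not cancel the navigation; it
     *    asks the browser to show its own "leave this page?" prompt.
     *  - popstate is not cancelable, so for that event only the log entry has
     *    an effect.
     *
     * @param {Event} event - The beforeunload or popstate event.
     */
    function handleRedirect(event) {
        const urlChanged = window.location.href !== originalUrl;
        if (!urlChanged || scriptActivated) {
            return;
        }

        // Stay passive on trusted sites.
        if (isTrustedWebsite(window.location.href)) {
            return;
        }

        scriptActivated = true;

        event.preventDefault();
        event.stopPropagation();

        logAction('Nefarious redirection stopped.');
    }

    /**
     * Poll the document URL every 100 ms and put the original URL back when it
     * changed on an untrusted site.
     *
     * Only the address shown for the current history entry is restored; page
     * content is not reloaded. Because the comparison uses the full href,
     * ordinary fragment links and single-page-app routing on untrusted sites
     * are reverted as well. On a trusted site the first detected change ends
     * the polling loop.
     */
    function checkUrlChange() {
        if (window.location.href !== originalUrl && !scriptActivated) {
            if (isTrustedWebsite(window.location.href)) {
                // Trusted site: allow the change and stop polling.
                return;
            }

            scriptActivated = true;

            try {
                // replaceState alone restores the URL. The previous
                // pushState + replaceState pair added one extra history entry
                // per revert, which floods the back-button history when a page
                // changes its URL repeatedly.
                window.history.replaceState(null, '', originalUrl);
                logAction('Nefarious redirection stopped. Original URL loaded.');
            } catch (err) {
                // Browsers may throttle or reject history calls; an uncaught
                // exception here would silently end the polling loop.
                logAction(`Could not restore the original URL: ${err.message}`);
            }
        }

        scriptActivated = false;

        setTimeout(checkUrlChange, 100);
    }

    // Listen for the beforeunload event (forward direction)
    window.addEventListener('beforeunload', handleRedirect);

    // Listen for the popstate event (backward direction)
    window.addEventListener('popstate', handleRedirect);

    // Start checking for URL changes
    checkUrlChange();
})();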