Stop Nefarious Redirects

Detects and stops nefarious URL redirections, allows redirects on trusted websites, and logs the actions

当前为 2024-04-17 提交的版本,查看 最新版本

  1. // ==UserScript==
  2. // @name Stop Nefarious Redirects
  3. // @namespace http://tampermonkey.net/
  4. // @version 2.75
  5. // @description Detects and stops nefarious URL redirections, allows redirects on trusted websites, and logs the actions
  6. // @match http://*/*
  7. // @match https://*/*
  8. // @grant none
  9. // @license MIT
  10. // ==/UserScript==
  11.  
  12. (function() {
  13. 'use strict';
  14.  
  15. const trustedWebsites = [
  16. '500px.com', 'accuweather.com', 'adobe.com', 'adulttime.com', 'alibaba.com', 'amazon.com',
  17. 'amazonaws.com', 'amd.com', 'americanexpress.com', 'anaconda.com', 'angular.io', 'ap.org',
  18. 'apache.org', 'apnews.com', 'apple.com', 'arstechnica.com', 'artstation.com', 'asana.com',
  19. 'asus.com', 'atlassian.com', 'autodesk.com', 'axios.com', 'battle.net', 'bbc.co.uk', 'bbc.com',
  20. 'behance.net', 'bestbuy.com', 'bing.com', 'bitbucket.org', 'blogger.com', 'bloomberg.com',
  21. 'bmw.com', 'boeing.com', 'booking.co.uk', 'booking.com', 'bootstrapcdn.com', 'breitbart.com',
  22. 'buzzfeed.com', 'canva.com', 'capitalone.com', 'cbsnews.com', 'character.ai', 'chase.com',
  23. 'chaturbate.com', 'cisco.com', 'citi.com', 'cnbc.com', 'cnet.com', 'cnn.com', 'codecademy.com',
  24. 'constantcontact.com', 'coursera.org', 'craigslist.org', 'dailymail.co.uk', 'dell.com',
  25. 'deviantart.com', 'discord.com', 'disney.com', 'django.com', 'docker.com', 'docusign.com',
  26. 'dribbble.com', 'dropbox.com', 'duckduckgo.com', 'duolingo.com', 'duosecurity.com', 'ebay.com',
  27. 'economist.com', 'edx.org', 'elsevier.com', 'engadget.com', 'epicgames.com', 'eporner.com',
  28. 'espn.com', 'etsy.com', 'eurogamer.net', 'expedia.com', 'facebook.com', 'fandom.com', 'fedex.com',
  29. 'figma.com', 'finance.yahoo.com', 'flickr.com', 'flipkart.com', 'forbes.com', 'foxnews.com',
  30. 'framer.com', 'freecodecamp.org', 'gamespot.com', 'gartner.com', 'gettyimages.com', 'git-scm.com',
  31. 'github.com', 'gizmodo.com', 'go.com', 'godaddy.com', 'gog.com', 'goldmansachs.com', 'google.com',
  32. 'healthline.com', 'hilton.com', 'homedepot.com', 'hp.com', 'hubspot.com', 'huffpost.com',
  33. 'hulu.com', 'humblebundle.com', 'ibm.com', 'ieee.org', 'ifixit.com', 'ign.com', 'ikea.com',
  34. 'imdb.com', 'imgur.com', 'indeed.com', 'instagram.com', 'instructure.com', 'intel.com',
  35. 'intuit.com', 'invisionapp.com', 'itch.io', 'java.com', 'jetbrains.com', 'joomla.org',
  36. 'jquery.com', 'khanacademy.org', 'kotaku.com', 'kotlinlang.org', 'laravel.com', 'lenovo.com',
  37. 'lg.com', 'lifehacker.com', 'linkedin.com', 'live.com', 'lowes.com', 'lynda.com', 'macys.com',
  38. 'mailchimp.com', 'marriott.com', 'mashable.com', 'masterclass.com', 'mcdonalds.com', 'medium.com',
  39. 'mercedes-benz.com', 'microsoft.com', 'microsoftonline.com','mit.edu', 'mongodb.com', 'moodle.org',
  40. 'mozilla.org', 'msn.com', 'msnbc.com', 'nasa.gov', 'nationalgeographic.com', 'nbc.com', 'nbcnews.com',
  41. 'netflix.com', 'nextdoor.com', 'nih.gov', 'npr.org', 'nvidia.com','nypost.com', 'nytimes.com',
  42. 'office.com', 'okta.com', 'onlyfans.com', 'openai.com', 'oracle.com', 'oreilly.com', 'origin.com',
  43. 'outlook.com', 'overstock.com', 'patreon.com', 'paypal.com', 'pcgamer.com', 'pexels.com', 'php.net',
  44. 'pinterest.com', 'pixabay.com', 'pluralsight.com', 'polygon.com', 'pornhub.com', 'python.org',
  45. 'quizlet.com', 'quora.com', 'reactjs.org', 'realtor.com', 'reddit.com', 'redhat.com', 'roblox.com',
  46. 'rubyonrails.org', 'salesforce.com', 'samsung.co.kr', 'samsung.com', 'sap.com', 'sciencedirect.com',
  47. 'scopus.com', 'sears.com', 'sharepoint.com', 'shutterstock.com', 'siemens.com', 'sketch.com',
  48. 'skillshare.com', 'skype.com', 'slack.com', 'sony.com', 'soundcloud.com', 'spotify.com', 'spring.io',
  49. 'stackoverflow.com', 'steamcommunity.com', 'steampowered.com', 'surveymonkey.com', 'symantec.com',
  50. 'target.com', 'techcrunch.com', 'temu.com', 'tesla.com', 'texasinstruments.com', 'theguardian.com',
  51. 'thenextweb.com', 'theverge.com', 'tiktok.com', 'time.com', 'toyota.com', 'trello.com', 'trip.com',
  52. 'tripadvisor.com', 'tumblr.com', 'twitch.tv', 'twitter.com', 'uber.com', 'ucla.edu', 'ucsf.edu',
  53. 'udemy.com', 'unity.com', 'unsplash.com', 'ups.com', 'usatoday.com', 'usnews.com', 'usps.com',
  54. 'verizon.com', 'vice.com', 'Vice.com', 'vimeo.com', 'vk.com', 'vmware.com', 'volkswagen.com', 'vox.com',
  55. 'walmart.com', 'washingtonpost.com', 'weather.com', 'weather.gov', 'webmd.com', 'whatsapp.com',
  56. 'wikimedia.org', 'wikipedia.org', 'wired.com', 'wordpress.com', 'wsj.com', 'wunderground.com', 'x.com',
  57. 'xerox.com', 'xfinity.com', 'xhamster.com', 'xilinx.com', 'xnxx.com', 'xvideos.com', 'yahoo.com',
  58. 'yelp.com', 'youtube.com', 'zapier.com', 'zendesk.com', 'zeplin.io','zillow.com', 'zoom.us'
  59. ];
  60.  
  61. let originalUrl = window.location.href;
  62. let blockActive = false;
  63.  
  64. function logAction(message) {
  65. console.log(`[Stop Nefarious Redirects] ${message}`);
  66. }
  67.  
  68. function isTrustedWebsite(url) {
  69. const trusted = trustedWebsites.some(website => url.includes(website));
  70. logAction(`Checking if ${url} is trusted: ${trusted}`);
  71. return trusted;
  72. }
  73.  
  74. function restoreOriginalUrl() {
  75. window.location.href = originalUrl;
  76. logAction(`Restored to original URL: ${originalUrl}`);
  77. blockActive = false; // Reset the block after restoring the URL
  78. }
  79.  
  80. function handleRedirect() {
  81. const currentUrl = window.location.href;
  82. if (!isTrustedWebsite(currentUrl)) {
  83. if (!blockActive) {
  84. blockActive = true;
  85. logAction(`Untrusted redirect detected to ${currentUrl}. Blocking further actions.`);
  86. disableInputs();
  87. setTimeout(restoreOriginalUrl, 3000); // Wait 3 seconds before attempting to restore
  88. } else {
  89. logAction(`Blocking additional redirects while already handling untrusted redirection.`);
  90. }
  91. } else {
  92. logAction(`Navigation to trusted site ${currentUrl} allowed.`);
  93. originalUrl = currentUrl; // Update the original URL if it's a trusted redirection
  94. }
  95. }
  96.  
  97. function disableInputs() {
  98. document.body.style.pointerEvents = 'none';
  99. document.body.style.userSelect = 'none';
  100. document.addEventListener('click', e => e.stopPropagation(), true);
  101. document.addEventListener('submit', e => e.stopPropagation(), true);
  102. document.addEventListener('keypress', e => e.stopPropagation(), true);
  103. document.addEventListener('touchstart', e => e.stopPropagation(), true);
  104. document.addEventListener('scroll', e => e.stopPropagation(), true);
  105. logAction("All user inputs have been disabled.");
  106. }
  107.  
  108. setInterval(handleRedirect, 100); // Continuously check for redirects every 100 milliseconds
  109. })();