Stop Nefarious Redirects

Detects and stops nefarious URL redirections, allows redirects on trusted websites, and logs the actions

当前为 2024-04-29 提交的版本,查看 最新版本

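  // ==UserScript==
  // @name Stop Nefarious Redirects
  // @namespace http://tampermonkey.net/
  // @version 2.78.2
  // @description Detects and stops nefarious URL redirections, allows redirects on trusted websites, and logs the actions
  // @match http://*/*
  // @match https://*/*
  // @grant none
  // @license MIT
  // ==/UserScript==

  // Scope of protection: the script listens only for `popstate` and
  // `hashchange`, which fire for same-document history and fragment changes.
  // Cross-document navigations (HTTP 3xx, meta refresh, location.assign/replace,
  // form posts to another origin) do not raise these events on the current page
  // and are therefore not observed here.

  (function() {
    'use strict';

    // Registrable domains on which history/hash changes are left alone.
    // Matching is done on the parsed hostname (exact host or a dot-separated
    // subdomain), never on the raw URL string.
    // NOTE(review): some entries (for example wordpress.com, tumblr.com, itch.io)
    // hand out subdomains to arbitrary users, so trusting the whole domain also
    // trusts that user-controlled content. Trim the list to what is needed.
    const trustedWebsites = [
      '500px.com',
      'adobe.com',
      'amazon.com',
      'apple.com',
      'arstechnica.com',
      'artstation.com',
      'asana.com',
      'atlassian.com',
      'axios.com',
      'battle.net',
      'bbc.com',
      'behance.net',
      'bestbuy.com',
      'blogger.com',
      'booking.com',
      'buzzfeed.com',
      'canva.com',
      'cnn.com',
      'codecademy.com',
      'constantcontact.com',
      'coursera.org',
      'deviantart.com',
      'discord.com',
      'docusign.com',
      'dribbble.com',
      'dropbox.com',
      'duolingo.com',
      'ebay.com',
      'edx.org',
      'engadget.com',
      'epicgames.com',
      'etsy.com',
      'eurogamer.net',
      'facebook.com',
      'figma.com',
      'flickr.com',
      'forbes.com',
      'framer.com',
      'freecodecamp.org',
      'gamespot.com',
      'gettyimages.com',
      'github.com',
      'gizmodo.com',
      'gog.com',
      'hubspot.com',
      'huffpost.com',
      'humblebundle.com',
      'ign.com',
      'ikea.com',
      'imdb.com',
      'imgur.com',
      'instagram.com',
      'intuit.com',
      'invisionapp.com',
      'itch.io',
      'khanacademy.org',
      'kotaku.com',
      'lifehacker.com',
      'linkedin.com',
      'lynda.com',
      'mailchimp.com',
      'mashable.com',
      'masterclass.com',
      'medium.com',
      'microsoft.com',
      'mozilla.org',
      'msn.com',
      'netflix.com',
      'nytimes.com',
      'origin.com',
      'paypal.com',
      'pcgamer.com',
      'pexels.com',
      'pinterest.com',
      'pixabay.com',
      'pluralsight.com',
      'polygon.com',
      'quora.com',
      'reddit.com',
      'salesforce.com',
      'samsung.com',
      'shutterstock.com',
      'sketch.com',
      'skillshare.com',
      'skype.com',
      'slack.com',
      'soundcloud.com',
      'spotify.com',
      'stackoverflow.com',
      'steamcommunity.com',
      'surveymonkey.com',
      'target.com',
      'techcrunch.com',
      'theguardian.com',
      'theverge.com',
      'tiktok.com',
      'trello.com',
      'tripadvisor.com',
      'tumblr.com',
      'twitch.tv',
      'twitter.com',
      'udemy.com',
      'unsplash.com',
      // Was 'Vice.com'; URL hostnames are lower-case, so the capitalised entry
      // could only ever match by accident.
      'vice.com',
      'vimeo.com',
      'vk.com',
      'vox.com',
      'walmart.com',
      'washingtonpost.com',
      'whatsapp.com',
      'wikimedia.org',
      'wikipedia.org',
      'wired.com',
      'wordpress.com',
      'wsj.com',
      'yahoo.com',
      'yelp.com',
      'youtube.com',
      'zapier.com',
      'zendesk.com',
      'zeplin.io',
      'zoom.us',
      'google.com'
      // Add more trusted websites or domains here
    ];

    // Lower-cased copy used for comparison, so entries added later in mixed
    // case still match the (always lower-case) parsed hostname.
    const trustedDomains = trustedWebsites.map((domain) => domain.toLowerCase());

    // URL the page had when the script started; this is what gets restored.
    const originalUrl = window.location.href;

    // Set once the first untrusted history/hash change has been handled, so the
    // restore below cannot re-trigger the handler in a loop.
    let scriptActivated = false;

    /**
     * Write a prefixed message to the browser console.
     * Messages include full URLs, which may carry query-string tokens.
     * @param {string} message - Text to log.
     */
    function logAction(message) {
      console.log(`[Stop Nefarious Redirects] ${message}`);
    }

    /**
     * Decide whether a URL belongs to a trusted domain.
     *
     * The previous implementation used `url.includes(domain)`, which treated any
     * URL merely containing a trusted name as trusted (in the path, in the query
     * string, or as a prefix of an unrelated host). The check now parses the URL
     * and compares only the hostname, accepting the domain itself or a
     * dot-separated subdomain of it.
     *
     * @param {string} url - Absolute or relative URL to classify.
     * @returns {boolean} True when the hostname is a trusted domain or one of
     *   its subdomains; false otherwise, including when the URL cannot be parsed.
     */
    function isTrustedWebsite(url) {
      let hostname;
      try {
        hostname = new URL(url, window.location.href).hostname.toLowerCase();
      } catch (err) {
        // Fail closed: a URL that cannot be parsed is never trusted.
        return false;
      }

      // Treat the fully-qualified form "example.com." the same as "example.com".
      if (hostname.endsWith('.')) {
        hostname = hostname.slice(0, -1);
      }

      return trustedDomains.some(
        (domain) => hostname === domain || hostname.endsWith(`.${domain}`)
      );
    }

    /**
     * React to a `popstate` or `hashchange` event on an untrusted page: log it,
     * lock page input, and navigate back to the URL seen at script start.
     * Only the first such event is acted on.
     * @param {Event} event - The popstate or hashchange event.
     */
    function handleRedirect(event) {
      // Trusted sites are left alone.
      if (isTrustedWebsite(window.location.href)) {
        return;
      }

      if (scriptActivated) {
        return;
      }
      scriptActivated = true;

      // By the time these events fire, location already reflects the new URL.
      logAction(`Redirection detected:`);
      logAction(`Original URL: ${originalUrl}`);
      logAction(`Attempted Redirect URL: ${window.location.href}`);
      logAction(`Redirection Method: ${event.type}`);

      // popstate and hashchange are not cancelable, so preventDefault() cannot
      // undo the change; the actual mitigation is the restore scheduled below.
      // The calls are kept so other listeners further along still see the event
      // as handled where that applies.
      event.preventDefault();
      event.stopPropagation();

      // Block further user-driven navigation until the restore happens.
      disableInputs();

      // Load the original URL after a 100ms delay
      setTimeout(function() {
        window.location.href = originalUrl;
        logAction(`Original URL loaded: ${originalUrl}`);
      }, 100);
    }

    /**
     * Swallow click, submit, keypress and touchstart events at the document in
     * the capture phase. The listeners are never removed, so the page stays
     * unresponsive until it is reloaded.
     */
    function disableInputs() {
      const swallow = function(event) {
        event.preventDefault();
        event.stopPropagation();
      };

      // passive: false is required for touchstart: browsers that default
      // document-level touch listeners to passive would otherwise ignore
      // preventDefault() there.
      const options = { capture: true, passive: false };

      for (const type of ['click', 'submit', 'keypress', 'touchstart']) {
        document.addEventListener(type, swallow, options);
      }

      logAction('All inputs disabled.');
    }

    // Listen for the popstate event (backward direction)
    window.addEventListener('popstate', handleRedirect);

    // Listen for the hashchange event
    window.addEventListener('hashchange', handleRedirect);

    // Start monitoring for redirects
    logAction(`Script started. Original URL: ${originalUrl}`);
  })();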