Stop Nefarious Redirects

Block unauthorized redirects and prevent history manipulation

当前为 2024-05-07 提交的版本,查看 最新版本

  1. // ==UserScript==
  2. // @name Stop Nefarious Redirects
  3. // @namespace http://tampermonkey.net/
  4. // @version 3.83
  5. // @description Block unauthorized redirects and prevent history manipulation
  6. // @match http://*/*
  7. // @match https://*/*
  8. // @grant GM_setValue
  9. // @grant GM_getValue
  10. // @license MIT
  11. // @run-at document-start
  12. // ==/UserScript==
  13.  
  14. (function() {
  15.   'use strict';
  16.  
  17.   // Function to get the current blacklist
  18.   function getBlacklist() {
  19.     return new Set(GM_getValue('blacklist', []));
  20.   }
  21.  
  22.   // Function to add a URL to the blacklist
  23.   function addToBlacklist(url) {
  24.     let blacklist = getBlacklist();
  25.     if (!blacklist.has(url)) {
  26.       blacklist.add(url);
  27.       GM_setValue('blacklist', Array.from(blacklist));
  28.     }
  29.   }
  30.  
  31.   // Function to display the blacklist
  32.   function displayBlacklist() {
  33.     let blacklist = getBlacklist();
  34.     console.log('Current Blacklist:\n' + Array.from(blacklist).join('\n'));
  35.   }
  36.  
  37.   // Debounce function
  38.   function debounce(func, delay) {
  39.     let timeoutId;
  40.     return function(...args) {
  41.       clearTimeout(timeoutId);
  42.       timeoutId = setTimeout(() => func.apply(this, args), delay);
  43.     };
  44.   }
  45.  
  46.   // Function to handle navigation events
  47.   const handleNavigation = debounce(function(url) {
  48.     try {
  49.       if (!isUrlAllowed(url)) {
  50.         console.error('Blocked navigation to:', url);
  51.         addToBlacklist(url); // Add the unauthorized URL to the blacklist
  52.         if (lastKnownGoodUrl) {
  53.           window.location.replace(lastKnownGoodUrl);
  54.         }
  55.         return false;
  56.       } else {
  57.         console.log('Navigation allowed to:', url);
  58.         lastKnownGoodUrl = url;
  59.         return true;
  60.       }
  61.     } catch (error) {
  62.       console.error('Error in handleNavigation:', error);
  63.     }
  64.   }, 100);
  65.  
  66.   let lastKnownGoodUrl = window.location.href;
  67.   let navigationInProgress = false;
  68.  
  69.   // Monitor changes to window.location
  70.   ['assign', 'replace', 'href'].forEach(property => {
  71.     const original = window.location[property];
  72.     if (typeof original === 'function') {
  73.       window.location[property] = function(url) {
  74.         if (!navigationInProgress && handleNavigation(url)) {
  75.           navigationInProgress = true;
  76.           setTimeout(() => {
  77.             navigationInProgress = false;
  78.           }, 0);
  79.           return original.apply(this, arguments);
  80.         }
  81.       };
  82.     } else {
  83.       Object.defineProperty(window.location, property, {
  84.         set: function(url) {
  85.           if (!navigationInProgress && handleNavigation(url)) {
  86.             navigationInProgress = true;
  87.             setTimeout(() => {
  88.               navigationInProgress = false;
  89.             }, 0);
  90.             return Reflect.set(window.location, property, url);
  91.           }
  92.         },
  93.         get: function() {
  94.           return original;
  95.         },
  96.         configurable: true
  97.       });
  98.     }
  99.   });
  100.  
  101.   // Enhanced navigation control for back/forward buttons
  102.   window.addEventListener('popstate', function(event) {
  103.     if (!navigationInProgress && !isUrlAllowed(window.location.href)) {
  104.       navigationInProgress = true;
  105.       setTimeout(() => {
  106.         navigationInProgress = false;
  107.       }, 0);
  108.       event.preventDefault();
  109.     }
  110.   });
  111.  
  112.   // Function to handle history manipulation
  113.   function handleHistoryManipulation(originalMethod, data, title, url) {
  114.     if (!isUrlAllowed(url)) {
  115.       console.error('Blocked history manipulation to:', url);
  116.       return;
  117.     }
  118.     return originalMethod(data, title, url);
  119.   }
  120.  
  121.   // Wrap history.pushState and history.replaceState
  122.   const originalPushState = history.pushState;
  123.   const originalReplaceState = history.replaceState;
  124.  
  125.   history.pushState = function(data, title, url) {
  126.     return handleHistoryManipulation.call(history, originalPushState.bind(this), data, title, url);
  127.   };
  128.  
  129.   history.replaceState = function(data, title, url) {
  130.     return handleHistoryManipulation.call(history, originalReplaceState.bind(this), data, title, url);
  131.   };
  132.  
  133.   // Keyboard shortcut listener to display the blacklist
  134.   document.addEventListener('keydown', function(e) {
  135.     if (e.ctrlKey && e.shiftKey && e.key.toLowerCase() === 'l') {
  136.       e.preventDefault();
  137.       displayBlacklist();
  138.     }
  139.   });
  140.  
  141.   // Function to check if a URL is allowed based on the blacklist
  142.   function isUrlAllowed(url) {
  143.     let blacklist = getBlacklist();
  144.     return !blacklist.has(url);
  145.   }
  146.  
  147.   console.log('Redirect control script with blacklist initialized.');
  148. })();