rocketshipapps / hardenedpaste

[Retired] Hardened Paste is a browser extension that prevents the “pastejacking” exploit.
http://hardenedpaste.com/
GNU General Public License v3.0
30 stars 3 forks source link
bash chrome chrome-extension documentation frontend html javascript json security shell

Logo Hardened Paste

Hardened Paste is a browser extension from the creator of Adblock Fast, Disconnect, and Facebook Disconnect that prevents the “pastejacking” exploit. Pastejacking otherwise allows a malicious webpage (this is a proof of concept) to copy arbitrary content to your clipboard. The extension mitigates this threat by providing a shim that overrides exploitable JavaScript methods. Hardened Paste’s toolbar icon animates whenever a potential attack is detected and stopped.

To get started:

  1. Install Hardened Paste for Chrome (an Opera port is in review).

  2. Verify that installing the extension has patched the exploit (you may have to use your keyboard to copy, pressing Control-C with Windows or *nix or Command-C with OS X, to trigger an attack).

  3. Follow Hardened Paste on Facebook or on Twitter for app news.

Hardened Paste includes the port.js library.

Pull requests are welcome!

License

Copyright 2016 Rocketship

This program is free software, excluding the brand features identified in the Exceptions below: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

Exceptions

The Hardened Paste and Rocketship logos, trademarks, domain names, and other brand features used in this program cannot be reused without permission and no license is granted thereto.