Open Lekensteyn opened 6 years ago
@IAMEVANHE AFAIK that was limited to the Chrome extension, I don't know when the Firefox extension started getting such malicious behavior.
Well, you can modify/remove fishy code to make it not spyware.
@sparskakyl You are missing the point.
"Vertrouwen komt te voet en vertrekt te paard." [nl] "Once bitten, twice shy"
There is no way I am ever going to use this extension again. Perhaps Stylus, but for now I have replaced the styles that I still use by some Greasemonkey scripts. For example:
// ==UserScript==
// @name Style: Show Bugzilla attachment ID
// @namespace https://lekensteyn.nl/
// @match https://bugs.wireshark.org/*
// @version 1
// @grant none
// ==/UserScript==
((css) => {
let style = document.createElement("style");
style.textContent = css;
document.body.appendChild(style);
})(`
a[href^="#attach_"]:before {
font-size: medium;
content: attr(href) ": ";
}
`);
The original author sold the name and mozilla addon repo access to a data mining company. He was fully aware where this was going and left the users in the dark which did not activaly search for this information.
I blame @JasonBarnabe just as much as this company for this move!
Hi users of Stylish,
It appears that the Stylish extension (based on the code in this repo) has gained tracking code. Using Rob's excellent CRX Viewer I noticed some fishy code in
src/background.js
that was loaded on startup and code that was injected in every Google search page. Effects:Recommended steps:
Proof: https://twitter.com/Lekensteyn/status/1014307299475763201 More details: https://robertheaton.com/2018/07/02/stylish-browser-extension-steals-your-internet-history/ https://bugzilla.mozilla.org/show_bug.cgi?id=1472948
Relevant extract for the first issue (
src/background.js
):