Last active
November 29, 2022 07:33
-
-
Save Wintus/94431fdd7fd8093dc99ab46a5a894d7e to your computer and use it in GitHub Desktop.
Insecure Cookie Finder Extension by Plasmo
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/** | |
* @see https://docs.plasmo.com/browser-extension/background-service-worker | |
*/ | |
import type { Message } from "~message"; | |
/** | |
* @see https://developer.chrome.com/docs/extensions/reference/tabs/#event-onUpdated | |
*/ | |
type Listener = chrome.tabs.TabUpdatedEvent extends chrome.events.Event<infer T> | |
? T | |
: never; | |
/** | |
* uses {@link https://developer.chrome.com/docs/extensions/reference/cookies/} | |
* @see https://developer.chrome.com/docs/extensions/reference/tabs/ | |
* @see https://developer.chrome.com/docs/extensions/mv3/manifest/activeTab/ | |
*/ | |
const listener: Listener = async (tabId, { status }, tab) => { | |
console.debug("tab:", tab); | |
if (status !== "complete" || !tab.url) { | |
console.debug("not ready"); | |
return; | |
} | |
const cookies = await chrome.cookies.getAll({ url: tab.url }); | |
console.log("all cookies:"); | |
console.table(cookies); | |
const insecure = cookies.filter((cookie) => !cookie.secure); | |
console.log("insecure cookies:"); | |
console.table(insecure); | |
const message: Message = { cookie: { insecure } }; | |
await chrome.tabs.sendMessage(tabId, message); | |
console.debug("sent to active tab"); | |
}; | |
chrome.tabs.onUpdated.addListener(listener); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import type { PlasmoContentScript } from "plasmo"; | |
import type { Message } from "~message"; | |
// noinspection HttpUrlsUsage | |
/** | |
* @see https://developer.chrome.com/docs/extensions/mv3/content_scripts/ | |
* @see https://docs.plasmo.com/browser-extension/content-scripts#config | |
*/ | |
export const config: PlasmoContentScript = { | |
matches: ["https://*/*", "http://*/*"] | |
}; | |
/** | |
* @see https://developer.chrome.com/docs/extensions/mv3/messaging/ | |
* @see https://developer.chrome.com/docs/extensions/reference/runtime/#event-onMessage | |
*/ | |
const listener = async ({ cookie: { insecure } }: Message) => { | |
// guard | |
if (insecure.length <= 0) { | |
return; | |
} | |
console.log("insecure cookies found!"); | |
console.log("cookies:"); | |
console.table(insecure); | |
}; | |
chrome.runtime.onMessage.addListener(listener); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
export type Message = { | |
cookie: { | |
insecure: chrome.cookies.Cookie[]; | |
}; | |
}; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"name": "cookie-security", | |
"displayName": "Cookie security", | |
"version": "0.0.0", | |
"description": "A basic Plasmo extension.", | |
"author": "wint", | |
"packageManager": "pnpm@7.16.1", | |
"scripts": { | |
"dev": "plasmo dev", | |
"build": "plasmo build", | |
"package": "plasmo package" | |
}, | |
"dependencies": { | |
"plasmo": "^0.59.1", | |
"react": "^18.2.0", | |
"react-dom": "^18.2.0" | |
}, | |
"devDependencies": { | |
"@plasmohq/prettier-plugin-sort-imports": "^3.6.0", | |
"@types/chrome": "^0.0.202", | |
"@types/node": "^18.11.9", | |
"@types/react": "^18.0.25", | |
"@types/react-dom": "^18.0.9", | |
"prettier": "^2.7.1", | |
"typescript": "^4.9.3" | |
}, | |
"manifest": { | |
"permissions": [ | |
"cookies", | |
"activeTab" | |
], | |
"host_permissions": [ | |
"https://*/*", | |
"http://*/*" | |
] | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
ref.