| 日時: | 2023-01-15 |
|---|---|
| 作: | @voluntas |
| バージョン: | 2023.1 |
| url: | https://voluntas.github.io/ |
この資料は以下の製品の宣伝を含みます。
Syoichi Tsuyuhara syoichi
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git xpi/chrome/content/library/utility.js xpi/chrome/content/library/utility.js | |
| index 180c382..9520b19 100755 | |
| --- xpi/chrome/content/library/utility.js | |
| +++ xpi/chrome/content/library/utility.js | |
| @@ -872,7 +872,7 @@ function simpleRequest(url, opt) { | |
| if (file instanceof IFile) { | |
| // https://developer.mozilla.org/en-US/docs/Extensions/Using_the_DOM_File_API_in_chrome_code | |
| - file = sendContent[key] = new File(file); | |
| + file = sendContent[key] = File.createFromNsIFile(file); |
mala
/ autofill_ui.md
Last active
January 19, 2017 07:02
暮らしに役立つITコラム ChromeやSafariの自動入力機能が、なぜ「悪いデザイン」なのか
見た目の上で、隠されているフィールドに対しても自動入力してしまうという問題が話題になっている(2017年1月)
のだけれど、この問題の歴史はとても古い。自分も調査したり問題を報告したりしているので、振り返ってみる。
2012年4月のShibuya.XSS #1 https://atnd.org/events/25689 で、Hamachiya2が発表した
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // ==Taberareloo== | |
| // { | |
| // "name" : "Scrapbox Model" | |
| // , "description" : "Post to scrapbox.io" | |
| // , "include" : ["background", "content"] | |
| // , "match" : ["*://scrapbox.io/*"] | |
| // , "version" : "0.4.4" | |
| // , "downloadURL" : "https://gist.githubusercontent.com/ailispaw/2f791f1fb49087861e3dce05fae8aedc/raw/model.scrapbox.tbrl.js" | |
| // } | |
| // ==/Taberareloo== |
Chrome ExtensionのLive HTTP Headersを調査した。Firefox用のものではない。Firefox用のものではない。
11/7追記
- 類似 or 同様の方法で難読化scriptを埋め込んでいる拡張機能が大量にあったため、Googleに報告済み。
- https://twitter.com/bulkneets/status/795260268221636608
Summary in english.
mala
/ cors_killer.js
Last active
November 4, 2016 17:58
responseURLに対応していないライブラリを使っているときにクロスドメイン通信を無理やり止める
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // responseURLに対応していないライブラリを使っているときにクロスドメイン通信を無理やり止める | |
| // https://github.com/jquery/jquery/pull/1615 | |
| // responseURL | |
| // https://bugzilla.mozilla.org/show_bug.cgi?id=998076 | |
| // https://bugs.chromium.org/p/chromium/issues/detail?id=377583 | |
| // https://bugs.webkit.org/show_bug.cgi?id=136938 | |
| new function(){ |
marcysutton
/ chrome-a11y-experiment-instructions.md
Last active
January 31, 2023 22:07
Enable Chrome Accessibility Experiment
NOTE: This is no longer an experiment! You can use the accessibility inspector in Chrome Devtools now, including a fantastic color contrast inspection tool. Read more: https://developers.google.com/web/updates/2018/01/devtools#a11y
Just like any good element inspector helps you debug styles, accessibility inspection in the browser can help you debug HTML and ARIA exposed for assistive technologies such as screen readers. There's a similar tool in Safari (and reportedly one in Edge) but I like the Chrome one best.
As an internal Chrome experiment, this tool differs from the Accessibility Developer Tools extension in that it has privileged Accessibility API access and reports more information as a result. You can still use the audit feature in the Chrome Accessibility Developer Tools, or you could use the aXe Chrome extension. :)
To enable the accessibility inspector in Chrome stable:
mono0x
/ patch.extractor.flickr.tbrl.js
Last active
July 4, 2016 01:40
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // ==Taberareloo== | |
| // { | |
| // "name" : "Patches for Flickr" | |
| // , "description" : "Patches for Flickr" | |
| // , "include" : ["content"] | |
| // , "match" : ["*://www.flickr.com/*"] | |
| // , "version" : "0.0.1" | |
| // , "downloadURL" : "https://gist.githubusercontent.com/mono0x/06ef86dbc7618d0c4082c4f34561d272/raw/patch.extractor.flickr.tbrl.js" | |
| // } | |
| // ==/Taberareloo== |
ailispaw
/ model.wikihub.rac.tbrl.js
Last active
January 6, 2020 13:10
— forked from dlwr/model.wikihub.rac.tbrl.js
投稿先に https://rac.wikihub.io を追加するtaberarelooパッチ
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // ==Taberareloo== | |
| // { | |
| // "name" : "WikiHub Model for RAC Articles" | |
| // , "description" : "Post an article to https://rac.wikihub.io/articles" | |
| // , "include" : ["background"] | |
| // , "version" : "0.0.2" | |
| // , "downloadURL" : "https://raw.githubusercontent.com/dlwr/model.wikihub.rac.tbrl.js/master/model.wikihub.rac.tbrl.js" | |
| // } | |
| // ==/Taberareloo== |
dlwr
/ model.wikihub.rac.tbrl.js
Last active
June 23, 2016 10:13
https://github.com/dlwr/model.wikihub.rac.tbrl.js/blob/master/model.wikihub.rac.tbrl.js に移動しました。投稿先に https://rac.wikihub.io を追加するtaberarelooパッチ
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // ==Taberareloo== | |
| // { | |
| // "name" : "WikiHub Model for RAC Articles" | |
| // , "description" : "Post an article to https://rac.wikihub.io/articles" | |
| // , "include" : ["background"] | |
| // , "version" : "0.0.2" | |
| // , "downloadURL" : "https://gist.githubusercontent.com/raw/87ea769b18357185f27babb24e471a31/model.wikihub.rac.tbrl.js" | |
| // } | |
| // ==/Taberareloo== |
NewerOlder