Stop Nasties
Prevents scripts from unencrypted sites doing some bad things.
Click here to install
Browse More Scripts
// ==UserScript==
// @name Stop Nasties
// @namespace 43cf75a3afd8fead3cb378d9502a19e1295dda96
// @version 0.6
// @description Prevents scripts from unencrypted sites doing some bad things.
// @author /u/AyrA_ch
// @include http://*
// @grant none
// @run-at document-start
// ==/UserScript==
// Changelog
// 0.6 - Prevent logging of same object multiple times
// 0.5 - Allows local addresses
// 0.4 - Enable and disable feature
// 0.3 - Log script activity in console
// 0.2 - Don't run on localhost
// 0.1 - Initial Version
// =========
(function () {
'use strict';
var stringify = function (root, indent) {
//Key that represents cyclic value. {KEY} is replaced with the key of the first occurence
var REC = "[CYCLIC:{KEY}]";
//Root node
var ROOT = "<ROOT>";
//Checks if the value has been parsed already
var isParsed = function (value, parsed) {
return typeof(value) == "object" && parsed.filter(function (v) {
return v.value === value
}).length > 0;
};
//Gets the key of a parsed value
var getKey = function (value, parsed) {
return isParsed(value, parsed) ? parsed.filter(function (v) {
return v.value === value;
})[0].key : ".";
};
//Parses a possibly cyclic object
var parse = function (obj, parsed, indent) {
return JSON.stringify(obj, function (k, v) {
//Remove unnecessary types
if (v === undefined || typeof(v) === "function") {
return undefined;
}
//prevent executing of recursion check for null (because it's object)
if (v && typeof(v) === "object") {
if (isParsed(v, parsed)) {
//Return replacement for parsed objects
return REC.replace(/\{KEY\}/, getKey(v, parsed));
}
parsed.push({
key: k ? "." + k : ROOT,
value: v
});
}
//Return non-cyclic value as-is
return v;
}, indent ? indent : 0);
};
return parse(root, [], indent);
};
var isLocal = function (x) {
var locals = [
//127.x.x.x
/^127\.\d+\.\d+\.\d+$/,
//::1
/^::1$/,
//192.168.x.x
/^192\.168\.\d+\.\d+$/,
//10.x.x.x
/^10\.\d+\.\d+\.\d+$/,
//172.16.x.x - 172.31.x.x
/^172\.(1[6-9]|2\d|3[01])\.\d+\.\d+$/,
//169.254.x.x
/^169\.254\.\d+\.\d+$/
];
//localhost and .local domain
if (x === "localhost" || x.split('.').pop() == "local") {
return true;
}
//Local IP addresses
if (locals.filter(function (v) {
return !!x.match(v);
}).length > 0) {
return true;
}
return false;
};
var disabled = !!localStorage.getItem("nasty-disabled");
if (!disabled) {
if (isLocal(location.hostname.toLowerCase())) {
console.warn(location.hostname, "is unsafe but a local address. Leaving JS Features enabled");
} else {
//Scripts still assume the return value is a number
//To do this, run a fake function and return the timeout id.
//Timeouts and intervals share the same Id pool.
var oldTimeout = window.setTimeout;
var dummyTimeout = function (a, b) {
return oldTimeout(function () {}, b);
};
var toArray = function (x) {
return Array.prototype.slice.call(x, 0);
};
var logged = [];
var consoleMethods = {
log: console.log,
debug: console.debug,
dir: console.dir,
info: console.info,
warn: console.warn,
error: console.error
};
var doLog = function (args) {
for (var i = 0; i < args.length; i++) {
var a = args[i];
if (logged.indexOf(stringify(a)) >= 0) {
return false;
} else {}
}
return true;
};
for (var i = 0; i < Object.keys(consoleMethods); i++) {
var k = Object.keys(consoleMethods)[i];
var f = function () {
var args = toArray(arguments);
if (doLog(args)) {
args.forEach(function (v) {
logged.push(stringify(v));
});
consoleMethods[this.type].apply(console, args);
}
};
f.type = k;
f = f.bind(f);
console[k] = f;
}
//Note: The "unescape(...)" is totally unnecessary for functionality,
//but prevents the Editor from complaining that "eval" and "document.write" are unsafe
//Prevent Clearing of the console
window.console.clear = function () {};
//Do nothing
document[unescape("write")] = consoleMethods.debug.bind(console, "document.write prevented. Data:");
//Do nothing
window[unescape("eval")] = consoleMethods.debug.bind(console, "eval prevented:");
//Return fake id
window.setInterval = function () {
consoleMethods.debug.apply(console, ["setInterval prevented:"].concat(toArray(arguments)));
return dummyTimeout.apply(this, toArray(arguments));
};
//Return fake id
window.setTimeout = function () {
consoleMethods.debug.apply(console, ["setTimeout prevented:"].concat(toArray(arguments)));
return dummyTimeout.apply(this, toArray(arguments));
};
window.nasties = {
disable: function () {
localStorage.setItem("nasty-disabled", "1");
location.reload();
}
};
consoleMethods.warn(location.hostname, "is unsafe. Stop Nasties script is active, if important functionality is broken, call nasties.disable() (will reload)");
}
} else {
console.warn(location.hostname, "is unsafe. Stop Nasties script is disabled, call nasties.enable() to enable protection (will reload)");
window.nasties = {
enable: function () {
localStorage.removeItem("nasty-disabled");
location.reload();
}
};
}
})();
/*
LICENSE:
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
The full license text can be found here: http://creativecommons.org/licenses/by-nc-sa/4.0/
The link has an easy to understand version of the license and the full license text.
DISCLAIMER:
THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
THE POSSIBILITY OF SUCH DAMAGE.
*/
User Script Managers
A userscript manager is the browser extension that injects scripts into websites
to change their behavior to your liking.
Recommendation
All scripts on this site have been developed and tested with Tampermonkey on firefox.
Try other browsers and other script managers at your own risk.
No script should use firefox or chrome specific features,
which means they should also work in other modern browsers.
If you prefer, you can use greasemonkey.
Get Tampermonkey,
Get Greasemonkey (Firefox only)
Script Installation
Once you have obtained a user script manager,
clicking on the install button will pop up an installation prompt.
To allow script manager detection,
you can install this helper script.
It's not necessary but simplifies your future visits to this site.
Script Installation
We detected, that you have a script manager installed and active.
Click the "Install Script" button to obtain the script.