Extra caution is recommended when installing recently uploaded/updated scripts (read more)
Be sure you trust any scripts you install
Gone Phishing
Show real links, not phishing attempts
!http://img60.imageshack.us/img60/5426/greasemonkeyscreenshot1qh.png!
|
|
Thanks for the feedback nitro322. Let me explain why I don't think your examples should be updated: link: http://www.evilsite.net/ Technically, "www.goodsite.net" is not an URL. I don't trust that to begin with ;-). We could scan for text that begins with 'www', but the next thing would be to include 'secure', 'images', etc. What about this? link: http://evilsite.com/
As you can see, it's getting tricky. link: http://www.evilsite.net/ See above. This URL is not really trying to trick you that much. Following this example (and taking it to extremes) this would be incorrect too: link: http://www.evilsite.com/contact.html
link: http://www.goodsite.net/evilpage The same thing as above applies here. This isn't really a fishing attempt. We're on the same domain, so the least we can do is trust the server. The "evilpage" shouldn't be on the "goodsite.net" to begin with ;-) |
|
|
By the way, the link/text pairs in my example should have all been plain text. The userscript.org website translated them into links. I'd recommend not clicking on any of them as I really don't know where they lead. |
|
|
B10m, I've been using this script for a while now. Very cool idea; thanks for making it available. I've recently been testing it, though, and I noticed a few cases where it will fail. For example, take the following link/text pairs: link: http://www.evilsite.net/
link: http://www.evilsite.net/
link: http://www.goodsite.net/evilpage
In all three cases, your script will fail to report the discrepancy. I tried playing around with the source a bit to see if I could make this work, but I'm just not that good with Javascript. Any chance you could look into this and try to make your script a bit more robust? |
|
|
This is certainly one of the best Greasemonkey scripts that I've ever used. Personaly, I want to know what is hiding under the surface. So, this script has made it much easier for me to detect suspicious Web pages. If you are using the "Redirect Remover" extension (which I am doing), it will be even better to have this script installed since "Gone Fishing" will act as an early-warning-system when you click on a suspicious link. I recommend them both! If you want the extension to work, you have to configure it in a certain way. For best result, go to the "Highlighting" tab and untick the first checkbox (...containing a removed redirect). For the uncleaned section, just use yellow as background. Sorry for the looong comment! B10m you rock!! :) |
|
|
Updated, thanks a bunch. |
|
|
Works great, and a great idea. Thanks! One little nit... The script was turning up false positives over differences in case, which I think is unnecessary. That situation crops up more often than you might think; about 2/3 of the warnings I was seeing were for that. I put ".toLowerCase()" on each of the operands to the main string compare to stop that. |
You could comment on this script if you were logged in.
