-
Notifications
You must be signed in to change notification settings - Fork 11
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
__css_exfil_protection_filtered_styles #3
Comments
That sheet is used for both FF and Chrome... it's the sheet that contains all the filtered styles. I didn't think about how it could be potentially used to detect the plugin though. I'm utilizing that class for a bigger modification I'm working on, but it may be possible to edit it to a randomly generated string on each load. Will do some thinking / experimentation on this. BTW - I just rolled out 1.0.7 of the plugin which included your patch. Thanks! |
Oh okay if it's for something you're still working on then it makes sense. It's just that I noticed the node was always empty and seemingly unused when I inspected the page on both your own test site and the keylogger demo. And in the Firefox version you're not accessing it via the class name anywhere. |
It's strange, I've also noticed that the node in both Chrome and Firefox appears empty in the inspector, but it is indeed the node that contains all the filtered styles (if there are any). You can't see this unless you look at one of the elements whose style has been blocked. Once you do you will see that node referenced with the new CSS override. I like the idea about randomizing the class on load... So I'll integrate that in with the next release -- assuming I don't run into major issues doing so. |
Thanks for explaining. Strange indeed. |
https://github.com/mlgualtieri/CSS-Exfil-Protection/search?q=__css_exfil_protection_filtered_styles
this doesn't seem to be used in the Firefox version but it makes it easy for a site to detect that the addon is used. Can this be removed, at least from the FF version?
The text was updated successfully, but these errors were encountered: