movie-web/extension
1
0
Fork 0
mirror of https://github.com/movie-web/extension.git synced 2025-09-13 12:43:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: movie-web:finalize-extension
Branches Tags
movie-web:dev movie-web:master movie-web:fix-android movie-web:finalize-extension movie-web:perms movie-web:less-permissions movie-web:fix-firefox-and-brave
movie-web:1.1.4 movie-web:1.1.3 movie-web:1.1.2 movie-web:1.1.1 movie-web:1.1.0 movie-web:1.0.3 movie-web:1.0.2 movie-web:1.0.1
...
compare: movie-web:434b2475cb9c3935b2d709e84ef36a312e1816d1
Branches Tags
movie-web:dev movie-web:master movie-web:fix-android movie-web:finalize-extension movie-web:perms movie-web:less-permissions movie-web:fix-firefox-and-brave
movie-web:1.1.4 movie-web:1.1.3 movie-web:1.1.2 movie-web:1.1.1 movie-web:1.1.0 movie-web:1.0.3 movie-web:1.0.2 movie-web:1.0.1

11 Commits
finalize-e ... 434b2475cb

Author SHA1 Message Date
William Oldham
434b2475cb Merge pull request #22 from movie-web/feature/update-default-domains 
update default domain whitelist, remove movie-web references
 2024-03-04 20:49:24 +00:00
William Oldham
50166457b8 Merge pull request #21 from movie-web/fix/#952 
add firstPartyDomain for first-party isolation
 2024-03-04 20:48:19 +00:00
Jorrin
755bba3e1e update default domain whitelist, remove movie-web references 2024-03-03 20:20:34 +01:00
Jorrin
e7ca90b75f add firstPartyDomain for first-party isolation 2024-03-03 20:14:56 +01:00
Jorrin
d74f0abbf6 Merge pull request #20 from movie-web/fix/improve-error-message 
Improve "Domain is not whitelisted" error message
 2024-03-03 13:45:24 +01:00
Jorrin
cade0b50ab Add more details to the error message 2024-03-01 21:59:38 +01:00
Jorrin
1ac8147cdd add instruction to domain whitelist error message 2024-03-01 21:57:18 +01:00
William Oldham
6d1fa16553 Bump version 2024-02-21 18:53:08 +00:00
William Oldham
a8417c75a3 Merge pull request #18 from movie-web/fix/#904 
always create dynamic rule for fetch request
 2024-02-21 18:50:40 +00:00
Jorrin
abf26103e1 always create dynamic rule for fetch request 2024-02-15 14:17:08 +01:00
William Oldham
03e7649bc1 Merge pull request #17 from movie-web/finalize-extension 
Update texts + fix responsiveness of new pages
 2024-02-10 20:04:53 +00:00
6 changed files with 35 additions and 18 deletions
Expand all files Collapse all files

10
.github/SECURITY.md vendored
View File

@@ -2,13 +2,9 @@
## Supported Versions ## Supported Versions
The movie-web maintainers only support the latest version of movie-web published at https://movie-web.app. The latest version of movie-web is the only version that is supported, as it is the only version that is being actively developed.
This published version is equivalent to the master branch.
Support is not provided for any forks or mirrors of movie-web.
## Reporting a Vulnerability ## Reporting a Vulnerability
There are two ways you can contact the movie-web maintainers to report a vulnerability: You can contact the movie-web maintainers to report a vulnerability:
- Email [security@movie-web.app](mailto:security@movie-web.app) - Report the vulnerability in the [movie-web Discord server](https://movie-web.github.io/links/discord)
- Report the vulnerability in the [movie-web Discord server](https://discord.movie-web.app)

2
package.json
View File

@@ -1,7 +1,7 @@
{ {
"name": "@movie-web/extension", "name": "@movie-web/extension",
"displayName": "movie-web extension", "displayName": "movie-web extension",
"version": "1.1.0", "version": "1.1.1",
"description": "Enhance your movie-web experience with just one click", "description": "Enhance your movie-web experience with just one click",
"author": "movie-web", "author": "movie-web",
"scripts": { "scripts": {

16
src/background/messages/makeRequest.ts
View File

@@ -3,6 +3,7 @@ import type { PlasmoMessaging } from '@plasmohq/messaging';
import type { BaseRequest } from '~types/request'; import type { BaseRequest } from '~types/request';
import type { BaseResponse } from '~types/response'; import type { BaseResponse } from '~types/response';
import { removeDynamicRules, setDynamicRules } from '~utils/declarativeNetRequest'; import { removeDynamicRules, setDynamicRules } from '~utils/declarativeNetRequest';
import { isFirefox } from '~utils/extension';
import { makeFullUrl } from '~utils/fetcher'; import { makeFullUrl } from '~utils/fetcher';
import { assertDomainWhitelist } from '~utils/storage'; import { assertDomainWhitelist } from '~utils/storage';
@@ -52,13 +53,11 @@ const handler: PlasmoMessaging.MessageHandler<Request, Response<any>> = async (r
const url = makeFullUrl(req.body.url, req.body); const url = makeFullUrl(req.body.url, req.body);
await assertDomainWhitelist(req.sender.tab.url); await assertDomainWhitelist(req.sender.tab.url);
if (Object.keys(req.body.headers).length > 0) { await setDynamicRules({
await setDynamicRules({ ruleId: MAKE_REQUEST_DYNAMIC_RULE,
ruleId: MAKE_REQUEST_DYNAMIC_RULE, targetDomains: [new URL(url).hostname],
targetDomains: [new URL(url).hostname], requestHeaders: req.body.headers,
requestHeaders: req.body.headers, });
});
}
const response = await fetch(url, { const response = await fetch(url, {
method: req.body.method, method: req.body.method,
@@ -71,6 +70,9 @@ const handler: PlasmoMessaging.MessageHandler<Request, Response<any>> = async (r
const cookies = await (chrome || browser).cookies.getAll({ const cookies = await (chrome || browser).cookies.getAll({
url: response.url, url: response.url,
...(isFirefox() && {
firstPartyDomain: new URL(response.url).hostname,
}),
}); });
res.send({ res.send({

2
src/tabs/PermissionGrant.tsx
View File

@@ -8,7 +8,7 @@ export default function PermissionGrant() {
const { grantPermission } = usePermission(); const { grantPermission } = usePermission();
const queryParams = new URLSearchParams(window.location.search); const queryParams = new URLSearchParams(window.location.search);
const redirectUrl = queryParams.get('redirectUrl') ?? 'https://movie-web.app'; const redirectUrl = queryParams.get('redirectUrl') ?? 'https://mw.lonelil.ru';
const domain = makeUrlIntoDomain(redirectUrl); const domain = makeUrlIntoDomain(redirectUrl);
const redirectBack = () => { const redirectBack = () => {

8
src/utils/extension.ts
View File

@@ -1,3 +1,11 @@
export const isChrome = () => { export const isChrome = () => {
return chrome.runtime.getURL('').startsWith('chrome-extension://'); return chrome.runtime.getURL('').startsWith('chrome-extension://');
}; };
export const isFirefox = () => {
try {
return browser.runtime.getURL('').startsWith('moz-extension://');
} catch {
return false;
}
};

15
src/utils/storage.ts
View File

@@ -3,7 +3,14 @@ import { useStorage } from '@plasmohq/storage/hook';
import { makeUrlIntoDomain } from '~utils/domains'; import { makeUrlIntoDomain } from '~utils/domains';
export const DEFAULT_DOMAIN_WHITELIST = ['movie-web.app', 'dev.movie-web.app']; export const DEFAULT_DOMAIN_WHITELIST = [
'mw.lonelil.ru',
'watch.qtchaos.de',
'bmov.vercel.app',
'stream.thehairy.me',
'scootydooter.vercel.app',
'movie-web-me.vercel.app',
];
export const storage = new Storage(); export const storage = new Storage();
@@ -31,5 +38,9 @@ export const isDomainWhitelisted = async (url: string | undefined) => {
export const assertDomainWhitelist = async (url: string) => { export const assertDomainWhitelist = async (url: string) => {
const isWhiteListed = await isDomainWhitelisted(url); const isWhiteListed = await isDomainWhitelisted(url);
if (!isWhiteListed) throw new Error('Domain is not whitelisted'); const currentDomain = makeUrlIntoDomain(url);
if (!isWhiteListed)
throw new Error(
`${currentDomain} is not whitelisted. Open the extension and click on the power button to whitelist the site.`,
);
}; };