Prorootect

Level 53
Verified
Luminous: JavaScript Events Blocker
upload_2018-2-18_22-8-17.png

Luminous: JavaScript events blocker – Add-ons for Firefox
Identify, analyze and block code execution and event collection through JavaScript in your browser with code interception.

An experimental extension to identify, analyze and block code execution and event collection through JavaScript in your browser.
- by gbaptista
Luminous JS Events Blocker it's compatible with Firefox 57+ only, for now...

- NEW Amazing Blocker For Everyone! ...

Source code released under GNU General Public License, version 3.0

Version 0.0.18
Released Feb. 15, 2018 - 369.1 KiB - Works with Firefox for Android 48.0 and later, compatible with Firefox 57+ only, for now...

And too on Chromium/ Google Chrome: Luminous: JavaScript events blocker

Changelog for this latest version:
- Fix headers with cookies (Github login issue).
- Fix original function calls (Maximum call stack size exceeded).
- Fix "handleEvent not defined" issue.

Changelog for precedent 0.0.17 version:
Released Feb. 14, 2018 - 400.9 KiB
- Use `sub_frame` for `webRequest.onCompleted` automatic settings.
- Use `sub_frame` for `webRequest.onBeforeRequest` tabId setter.
- Set cookies for settings.
- Create settings compressor (for cookies).
- Use `webNavigation.onCommitted` to inject settings.
- Use `onMessage` callback to inject settings.
- Options injection refactoring.
- Introducing debug_log method.
- and much more!..
Developer is very active!

About this extension
We have amazing projects like Lightbeam, NoScript, ScriptSafe, uBlock Origin, HTTPS Everywhere and many others. All have the proposal to identify and/ or prevent the execution of questionable codes and requests.

These tools are vital, but we inevitably need to make concessions to access many websites as we have a massive use of JavaScript on the web. When you access for example the Google Translate website, with a combo of 3 extensions (HTTPS Everywhere, uBlock Origin and ScriptSafe) and Luminous, we have the following result after a few moments:

- 6 requests influenced by HTTPS Everywhere
- 75 requests blocked by uBlock Origin
- 4 items blocked by ScriptSafe
- 7,6 thousand JavaScript executions detected by Luminous

It’s about this number (7,6 thousand) that we are lost and with hands tied, it’s there that we do not know what happens and we still do not have the freedom to decide what can or can’t be executed. This is the main purpose of the project, filling this gap and being able to see and control what happens. As a side effect we end up also having an interesting tool that helps in JavaScript code developing process by giving us visibility about what is happening.



Warning: This document has been automatically translated. Please send us a pull request if you find any errors.


  • Why?
  • Understanding the UI
  • How to install
  • Try it!
  • Going deeper
  • Guides
  • How to contribute
  • Known issues
  • Understanding the code
  • License
  • Donations
Why?

We have amazing projects like Lightbeam, NoScript, ScriptSafe, uBlock Origin, HTTPS Everywhere and many others. All have the proposal to identify and/ or prevent the execution of questionable codes and requests.


These tools are vital, but we inevitably need to make concessions to access many websites as we have a massive use of JavaScript on the web. When you access for example the Google Translate website, with a combo of 3 extensions (HTTPS Everywhere, uBlock Origin and ScriptSafe) and Luminous, we have the following result after a few moments:





  • 6 requests influenced by HTTPS Everywhere
  • 75 requests blocked by uBlock Origin
  • 4 items blocked by ScriptSafe
  • 7,6 thousand JavaScript executions detected by Luminous
It’s about this number (7,6 thousand) that we are lost and with hands tied, it’s there that we do not know what happens and we still do not have the freedom to decide what can or can’t be executed. This is the main purpose of the project, filling this gap and being able to see and control what happens. As a side effect we end up also having an interesting tool that helps in JavaScript code developing process by giving us visibility about what is happening.


Understanding the UI




How to install

Try it!

Install the extension and go to our demo page to experience and better understand how it works:





Going deeper

This experiment is part of a book being written about WebExtensions API from the perspective of themes like freedom and privacy in the digital world. If you want to receive news about the publication, please leave your email: Book about WebExtensions API, freedom and privacy.


While the book is not published, I suggest the following references to expand your view on the topic:


Guides

Guides are documents on many specific subjects where we can go deep into the details and easily find the information we are looking for.
See (on gbaptista.github.io) all guides.

________________________________________

This review:
Wow! this works great for me, needed to block a script, but not all the scripts as most other plugins do, could see what was working and not, site kept blocking me because of my ad blocker, boy did I fix that with this plugin and I'm a novice, so someone with a little more knowledge than me I'm sure could work wonders , now I'm going to try on other sites that like to play games with scripts, Great work so far.

Rated 5 out of 5
by rudecoyote, 11 days ago
 
Last edited:

Prorootect

Level 53
Verified
For now, I have heavy CPU load in my Nightly (Basilisk = Firefox 55) precedent version 2017.11.21 - but it works on this version...I have number of JS events/executions on the icon, and Settings page...so I'm lucky enough to have it on this Nightly precedent version!
- Cause Luminous JS Events Blocker it's compatible only with Firefox 57+ ... so doesn't work on Firefox ESR 52.6.0, and Nightly (Basilisk) new version 2018.01.28
Developer is very active, no problem.

I have the confidence in developer to make it work in my Firefox versions: ESR 52.6.0, and new Basilisk... we look forward to a new version

PS.:love:- latest trustworthy comment on Firefox add-on page:

"I don't know what this does, exactly, but I'm sure I like it."
Rated 5 out of 5
by Anonymous user 3a8ad8, 18 days ago
 
Last edited:

Prorootect

Level 53
Verified
In Settings/ badge counter tab - "what code executions should be included in the sum?"
- have these possibilities to notch:
* allowed + blocked
* allowed
* blocked

Allowed was notched, but if I notch "blocked", then no more counter digits on the badge... Don't block?
- sure I'm in a hurry so badly tested, I'm going out, see you soon.
 
  • Like
Reactions: Mr.X

Prorootect

Level 53
Verified
Hmm... is this add-on/extension for code developers, only...maybe?
You would have to know how to adjust the settings, but for the moment it's too difficult for me.

- and why this heavy CPU load, if it's enabled?... version 0.0.18 has the unresolved issues? - or is not compatible with my Nightly/Basilisk?...

What do you think about?...
 
Last edited:
  • Like
Reactions: Mr.X

Prorootect

Level 53
Verified
On the Luminous Chrome Web Store (under Developer tools"...) page we have today:
"This item has been disabled in Chrome."
- This means, that Chrome finds this extension bad.

"Code injections are harmful when they are made by someone else than the user."
Source here: stackoverflow.com: Why should we be aware of Code Injection in Javascript?

Use of JavaScript injections to manipulate the websites - it's bad hacker's idea...
 
  • Like
Reactions: Mr.X and harlan4096

Prorootect

Level 53
Verified
I can't find this...
So this means that someone clicked 'enable it' button, that's all.
So beware, not install it. Or remove it if you've installed it already.
I repeat, that it's under "Developer tools", then developer wrote in the description:
"tool that helps in JavaScript code developing process" - so it's tool for developers, it's not?
So it's not browser/web security tool.

I'm NOT a developer.
Unfortunately, I didn't have any response from MT members in this thread that could shed light on the subject, so I moved forward in the dark...
What is your opinion - perhaps it would be nice to just delete this topic?
What is your opinion, please...
 
Last edited:
  • Like
Reactions: harlan4096