+2

.gitignore

reviewed

··· 1 1 **/.DS_Store 2 2 + extension_packages/* 3 3 + extension_packages

+5

CHANGELOG.md

reviewed

··· 7 7 8 8 ## [Unreleased] 9 9 10 10 + ## [1.2.0] - 2023-05-03 11 11 + 12 12 + - Adds support for Firefox 13 13 + - Adds privacy consent dialog for Google DNS (required by Mozilla) 14 14 + 10 15 ## [1.1.0] - 2023-05-03 11 16 12 17 - use DID for profile url instead of domain name

+5 -1

README.md

reviewed

··· 2 2 3 3 [](https://chrome.google.com/webstore/detail/skylink-bluesky-did-detector/aflpfginfpjhanhkmdpohpggpolfopmb) 4 4 5 5 - A simple Chrome extension that detects if the current website is connected to a Bluesky user. 5 5 + A simple web extension that detects if the current website is connected to a Bluesky user. 6 6 7 7 Remember the good 'ol days of visiting someone's blog and being delighted when the "RSS" lit up in your browser? This is meant to capture that same magic. No more hunting on a page for a random bird icon to see if you can find their online profile. 8 8 ··· 17 17 As of April 30, 2023, Bluesky is still invite-only and the web app is at https://staging.bsky.app. 18 18 19 19 You can find me there at [@adhdjesse.com](https://staging.bsky.app/profile/adhdjesse.com) 20 20 + 21 21 + **Contributors:** 22 22 + 23 23 + [@danielhuckmann.com](https://staging.bsky.app/profile/danielhuckmann.com) - Firefox Support & Privacy Consent

+56 -19

background.js

reviewed

··· 1 1 - const tabsWithDID = new Map() 1 1 + // Set up cross-browser compatibility 2 2 + const runtime = typeof browser !== 'undefined' ? browser.runtime : chrome.runtime; 3 3 + const tabs = typeof browser !== 'undefined' ? browser.tabs : chrome.tabs; 4 4 + const storage = typeof browser !== 'undefined' ? browser.storage.local : chrome.storage.local; 5 5 + const action = typeof browser !== 'undefined' ? browser.browserAction : chrome.action; 2 6 3 3 - const bskyAppUrl = "https://staging.bsky.app" 7 7 + // On extension installation, check if privacy consent was already accepted and show it if not 8 8 + runtime.onInstalled.addListener(() => { 9 9 + storage.get("privacyConsentAccepted", ({ privacyConsentAccepted }) => { 10 10 + if (typeof privacyConsentAccepted === "undefined" || !privacyConsentAccepted) { 11 11 + tabs.create({ url: "privacy_consent.html" }); 12 12 + } 13 13 + }); 14 14 + }); 4 15 16 16 + // If the message 'SHOW_CONSENT' is received, open the privacy consent tab 17 17 + runtime.onMessage.addListener((message, sender, sendResponse) => { 18 18 + if (message.type === 'SHOW_CONSENT') { 19 19 + tabs.create({ url: "privacy_consent.html" }); 20 20 + } 21 21 + }); 22 22 + 23 23 + // Map to store tabs with DIDs 24 24 + const tabsWithDID = new Map(); 25 25 + 26 26 + // URL of the Bluesky Web Applications 27 27 + const bskyAppUrl = 'https://staging.bsky.app'; 28 28 + 29 29 + // Function to set the extension icon 5 30 function setIcon(tabId, iconName) { 6 6 - chrome.action.setIcon({ path: iconName, tabId }) 31 31 + action.setIcon({ path: iconName, tabId }); 7 32 } 8 33 9 9 - chrome.runtime.onInstalled.addListener(() => { 10 10 - chrome.tabs.query({}, (tabs) => { 11 11 - tabs.forEach((tab) => setIcon(tab.id, "logo48_gray.png")) 12 12 - }) 13 13 - }) 34 34 + // On extension installation, set the icon to gray for all tabs 35 35 + runtime.onInstalled.addListener(() => { 36 36 + tabs.query({}, (tabs) => { 37 37 + tabs.forEach((tab) => setIcon(tab.id, 'logo48_gray.png')); 38 38 + }); 39 39 + }); 14 40 15 15 - chrome.runtime.onMessage.addListener((message, sender, sendResponse) => { 41 41 + // When a message is received from the DNS check, set the icon color to blue. 42 42 + runtime.onMessage.addListener((message, sender, sendResponse) => { 16 43 if (message.type === "DID_FOUND") { 17 17 - setIcon(sender.tab.id, "logo48.png") 18 18 - tabsWithDID.set(sender.tab.id, message.did) 44 44 + setIcon(sender.tab.id, "logo48.png"); 45 45 + tabsWithDID.set(sender.tab.id, message.did); 19 46 } else { 20 20 - setIcon(sender.tab.id, "logo48_gray.png") 21 21 - tabsWithDID.delete(sender.tab.id) 47 47 + setIcon(sender.tab.id, "logo48_gray.png"); 48 48 + tabsWithDID.delete(sender.tab.id); 22 49 } 23 23 - }) 50 50 + }); 51 51 + 52 52 + // Open the consent page if it hasn't been accepted and the user clicks on the extension icon 53 53 + action.onClicked.addListener((tab) => { 54 54 + storage.get("privacyConsentAccepted", ({ privacyConsentAccepted }) => { 55 55 + if (typeof privacyConsentAccepted === "undefined" || !privacyConsentAccepted) { 56 56 + tabs.create({ url: "privacy_consent.html" }); 57 57 + } 58 58 + }); 59 59 + }); 24 60 25 25 - chrome.action.onClicked.addListener((tab) => { 26 26 - const did = tabsWithDID.get(tab.id) 61 61 + // When the extension icon is clicked, open the profile page if there's a DID 62 62 + action.onClicked.addListener((tab) => { 63 63 + const did = tabsWithDID.get(tab.id); 27 64 if (did) { 28 28 - const newUrl = `${bskyAppUrl}/profile/${did}` 29 29 - chrome.tabs.create({ url: newUrl }) 65 65 + const newUrl = `${bskyAppUrl}/profile/${did}`; 66 66 + tabs.create({ url: newUrl }); 30 67 } 31 31 - }) 68 68 + });

+86

build_extension.sh

reviewed

··· 1 1 + #!/bin/sh 2 2 + 3 3 + # This was tested on macOS 13.3.1 using the builtin zip command at /usr/bin/zip 4 4 + # It should also work on Linux, but I haven't tested it. 5 5 + 6 6 + check_zip() { 7 7 + if ! command -v zip >/dev/null 2>&1; then 8 8 + printf "zip command not found. Attempting to install...\n" 9 9 + if command -v apt-get >/dev/null 2>&1; then 10 10 + sudo apt-get install zip 11 11 + elif command -v dnf >/dev/null 2>&1; then 12 12 + sudo dnf install zip 13 13 + else 14 14 + printf "Cannot determine package manager. Please install 'zip' manually.\n" 15 15 + exit 1 16 16 + fi 17 17 + fi 18 18 + } 19 19 + 20 20 + check_zip 21 21 + 22 22 + clean() { 23 23 + rm -rf ./extension_packages/ff_build 24 24 + rm -rf ./extension_packages/chrome_build 25 25 + } 26 26 + 27 27 + build_firefox() { 28 28 + printf "Building Firefox Extension\n\n" 29 29 + mkdir -p ./extension_packages/ff_build 30 30 + cp manifest-firefox.json ./extension_packages/ff_build/manifest.json 31 31 + cp ./*.png ./*.js ./*.html ./*.md LICENSE ./extension_packages/ff_build/ 32 32 + zip -j ./extension_packages/skylink-firefox.zip ./extension_packages/ff_build/* 33 33 + printf "\nFirefox extension available at ./extension_packages/skylink-firefox.zip\n" 34 34 + } 35 35 + 36 36 + build_chrome() { 37 37 + printf "Building Chrome Extension\n\n" 38 38 + mkdir -p ./extension_packages/chrome_build 39 39 + cp manifest.json ./extension_packages/chrome_build/manifest.json 40 40 + cp ./*.png ./*.js ./*.html ./*.md LICENSE ./extension_packages/chrome_build/ 41 41 + zip -j ./extension_packages/skylink-chrome.zip ./extension_packages/chrome_build/* 42 42 + printf "\nChrome extension available at ./extension_packages/skylink-chrome.zip\n" 43 43 + } 44 44 + 45 45 + display_help() { 46 46 + echo "Usage: $0 [--firefox] [--chrome] [--all] [--help]" 47 47 + echo "Options:" 48 48 + echo " --firefox Build Firefox extension" 49 49 + echo " --chrome Build Chrome extension" 50 50 + echo " --all Build both Firefox and Chrome extensions" 51 51 + echo " --help Display this help message" 52 52 + } 53 53 + 54 54 + if [ $# -eq 0 ]; then 55 55 + display_help 56 56 + exit 0 57 57 + fi 58 58 + 59 59 + while [ $# -gt 0 ]; do 60 60 + case "$1" in 61 61 + --firefox) 62 62 + clean 63 63 + build_firefox 64 64 + ;; 65 65 + --chrome) 66 66 + clean 67 67 + build_chrome 68 68 + ;; 69 69 + --all) 70 70 + clean 71 71 + build_firefox 72 72 + printf "\n\n" 73 73 + build_chrome 74 74 + ;; 75 75 + --help) 76 76 + display_help 77 77 + exit 0 78 78 + ;; 79 79 + *) 80 80 + echo "Invalid option: $1" 81 81 + display_help 82 82 + exit 1 83 83 + ;; 84 84 + esac 85 85 + shift 86 86 + done

+57 -36

content.js

reviewed

··· 1 1 - function getDomainName() { 2 2 - const hostname = window.location.hostname 3 3 - return hostname.replace(/^www\./, "") 4 4 - } 1 1 + // Set up cross-browser compatibility 2 2 + const runtime = typeof browser !== 'undefined' ? browser.runtime : chrome.runtime; 3 3 + const tabs = typeof browser !== 'undefined' ? browser.tabs : chrome.tabs; 4 4 + const storage = typeof browser !== 'undefined' ? browser.storage.local : chrome.storage.local; 5 5 + 6 6 + // Main function to perform actions, but only if the privacy consent has been accepted 7 7 + function performAction(privacyConsentAccepted) { 8 8 + // If the user has accepted the privacy consent 9 9 + if (privacyConsentAccepted) { 10 10 + // Function to get the domain name from the current hostname 11 11 + function getDomainName() { 12 12 + const hostname = window.location.hostname; 13 13 + return hostname.replace(/^www\./, ''); 14 14 + } 15 15 + 16 16 + // Function to check for a DID in the domain's TXT records 17 17 + async function checkForDID(domain) { 18 18 + // We use Google's DNS over HTTPS API to resolve the TXT record 19 19 + const response = await fetch( 20 20 + `https://dns.google/resolve?name=_atproto.${domain}&type=TXT` 21 21 + ); 22 22 + const data = await response.json(); 5 23 6 6 - async function checkForDID(domain) { 7 7 - // We use Google's DNS over HTTPS API to resolve the TXT record 8 8 - const response = await fetch( 9 9 - `https://dns.google/resolve?name=_atproto.${domain}&type=TXT` 10 10 - ) 11 11 - const data = await response.json() 24 24 + // We use the TXT record type to avoid CORS issues 25 25 + const records = data?.Answer?.filter((record) => record.type === 16) || []; 12 26 13 13 - // We use the TXT record type to avoid CORS issues 14 14 - const records = data?.Answer?.filter((record) => record.type === 16) || [] 27 27 + // We filter out all records that are not TXT records 28 28 + const didRecord = records.find((record) => 29 29 + record.data.includes("did=did:plc:") 30 30 + ); 15 31 16 16 - // We filter out all records that are not TXT records 17 17 - const didRecord = records.find((record) => 18 18 - record.data.includes("did=did:plc:") 19 19 - ) 32 32 + // We return the DID if we found one 33 33 + return didRecord ? didRecord.data.replace("did=", "") : null; 34 34 + } 20 35 21 21 - // We return the DID if we found one 22 22 - return didRecord ? didRecord.data.replace("did=", "") : null 23 23 - } 36 36 + // We check for a DID on the current domain 37 37 + ;(async function () { 38 38 + const domain = getDomainName() 39 39 + const did = await checkForDID(domain) 24 40 25 25 - // We check for a DID on the current domain 26 26 - ;(async function () { 27 27 - const domain = getDomainName() 28 28 - const did = await checkForDID(domain) 41 41 + if (did) { 42 42 + chrome.runtime.sendMessage({ type: "DID_FOUND", did }) 43 43 + } else { 44 44 + chrome.runtime.sendMessage({ type: "DID_NOT_FOUND" }) 45 45 + } 46 46 + })(); 29 47 30 30 - if (did) { 31 31 - chrome.runtime.sendMessage({ type: "DID_FOUND", did }) 48 48 + // We listen for messages from the background script 49 49 + runtime.onMessage.addListener((message, sender, sendResponse) => { 50 50 + if (message.type === "GET_DID") { 51 51 + checkForDID(getDomainName()) 52 52 + .then((did) => sendResponse({ did })) 53 53 + .catch(() => sendResponse({ did: null })) 54 54 + return true // Indicate that the response will be sent asynchronously. 55 55 + } 56 56 + }); 32 57 } else { 33 33 - chrome.runtime.sendMessage({ type: "DID_NOT_FOUND" }) 58 58 + // Do nothing since the consent form has not been accepted. 59 59 + return; 34 60 } 35 35 - })() 61 61 + } 36 62 37 37 - // We listen for messages from the background script 38 38 - chrome.runtime.onMessage.addListener((message, sender, sendResponse) => { 39 39 - if (message.type === "GET_DID") { 40 40 - checkForDID(getDomainName()) 41 41 - .then((did) => sendResponse({ did })) 42 42 - .catch(() => sendResponse({ did: null })) 43 43 - return true // Indicate that the response will be sent asynchronously. 44 44 - } 45 45 - }) 63 63 + // Get the user's privacy consent from the storage and perform actions accordingly 64 64 + storage.get("privacyConsentAccepted", ({ privacyConsentAccepted }) => { 65 65 + performAction(privacyConsentAccepted); 66 66 + });

+35

manifest-firefox.json

reviewed

··· 1 1 + { 2 2 + "manifest_version": 2, 3 3 + "name": "SkyLink - Bluesky DID Detector", 4 4 + "short_name": "SkyLink", 5 5 + "version": "1.2.0", 6 6 + "author": "jesse@adhdjesse.com", 7 7 + "browser_action": { 8 8 + "default_icon": { 9 9 + "48": "logo48_gray.png", 10 10 + "128": "logo128_gray.png" 11 11 + } 12 12 + }, 13 13 + "icons": { 14 14 + "48": "logo48.png", 15 15 + "128": "logo128.png" 16 16 + }, 17 17 + "description": "Detects Decentralized Identifiers (DIDs) in a domain's TXT records and links to the associated Bluesky profile.", 18 18 + "permissions": ["activeTab", "tabs", "management", "storage", "<all_urls>"], 19 19 + "content_security_policy": "script-src 'self'; object-src 'self'", 20 20 + "background": { 21 21 + "scripts": ["background.js"] 22 22 + }, 23 23 + "content_scripts": [ 24 24 + { 25 25 + "matches": ["<all_urls>"], 26 26 + "js": ["content.js"] 27 27 + } 28 28 + ], 29 29 + "browser_specific_settings": { 30 30 + "gecko": { 31 31 + "id": "jesse@adhdjesse.com", 32 32 + "strict_min_version": "79.0" 33 33 + } 34 34 + } 35 35 + }

+2 -2

manifest.json

reviewed

··· 2 2 "manifest_version": 3, 3 3 "name": "SkyLink - Bluesky DID Detector", 4 4 "short_name": "SkyLink", 5 5 - "version": "1.1.0", 5 5 + "version": "1.2.0", 6 6 "author": "jesse@adhdjesse.com", 7 7 "action": { 8 8 "default_icon": { "48": "logo48_gray.png", "128": "logo128_gray.png" } 9 9 }, 10 10 "icons": { "48": "logo48.png", "128": "logo128.png" }, 11 11 "description": "Detects Decentralized Identifiers (DIDs) in a domain's TXT records and links to the associated Bluesky profile.", 12 12 - "permissions": ["activeTab", "tabs"], 12 12 + "permissions": ["activeTab", "tabs", "storage", "management"], 13 13 "background": { "service_worker": "background.js" }, 14 14 "content_scripts": [{ "matches": ["<all_urls>"], "js": ["content.js"] }] 15 15 }

+98

privacy_consent.html

reviewed

··· 1 1 + <!DOCTYPE html> 2 2 + <html lang="en"> 3 3 + <head> 4 4 + <meta charset="UTF-8"> 5 5 + <meta name="viewport" content="width=device-width, initial-scale=1.0"> 6 6 + <title>Skylink Privacy Consent</title> 7 7 + <style> 8 8 + html { 9 9 + line-height: 1.15; 10 10 + -webkit-text-size-adjust: 100%; 11 11 + } 12 12 + 13 13 + body { 14 14 + margin: 0; 15 15 + } 16 16 + 17 17 + h1 { 18 18 + font-size: 2em; 19 19 + margin: 0.67em 0; 20 20 + } 21 21 + 22 22 + a { 23 23 + background-color: transparent; 24 24 + } 25 25 + 26 26 + p { 27 27 + margin: 1em 0; 28 28 + } 29 29 + 30 30 + ul { 31 31 + margin: 1em 0; 32 32 + padding: 0 0 0 40px; 33 33 + } 34 34 + 35 35 + li { 36 36 + list-style-type: disc; 37 37 + margin: 0 0 0.25em 0; 38 38 + } 39 39 + 40 40 + button { 41 41 + font-family: inherit; 42 42 + font-size: 100%; 43 43 + line-height: 1.15; 44 44 + margin: 0; 45 45 + overflow: visible; 46 46 + text-transform: none; 47 47 + } 48 48 + 49 49 + button::-moz-focus-inner { 50 50 + border-style: none; 51 51 + padding: 0; 52 52 + } 53 53 + 54 54 + button:-moz-focusring { 55 55 + outline: 1px dotted ButtonText; 56 56 + } 57 57 + .centered-container { 58 58 + position: absolute; 59 59 + top: 50%; 60 60 + left: 50%; 61 61 + transform: translate(-50%, -50%); 62 62 + } 63 63 + </style> 64 64 + </head> 65 65 + <body> 66 66 + <div class="centered-container"> 67 67 + <h1>Privacy Consent for SkyLink - Bluesky DID Detector</h1> 68 68 + <p>While <b>no information is collected by the extension author</b>, this extension makes use of the <a href="https://developers.google.com/speed/public-dns/">Google DNS service</a> for required functionality.</p> 69 69 + <p>The Google DNS service is used because browser extensions do not have native access to DNS, which is needed to lookup the AT PROTO TXT record.</p> 70 70 + <p>A summary of what is collected by Google DNS: 71 71 + <ul> 72 72 + <li>the IP address of your device sending the DNS query</li> 73 73 + <li>Requested domain name</li> 74 74 + <li>Request type (TXT)</li> 75 75 + <li>Request Size</li> 76 76 + <li>Transport protocol (HTTPS)</li> 77 77 + <li>Client's autonomous system number</li> 78 78 + <li>User's geolocation: country, region, and city (no more specific than 1 km² and 1000 users)</li> 79 79 + <li>DNS Response code</li> 80 80 + <li>Google DNS server information</li> 81 81 + <li>Timestamp</li> 82 82 + <li>Processing time</li> 83 83 + <li>Response DNS flags (including AD, CD, DO, RD, and TC)</li> 84 84 + <li>Response size</li> 85 85 + <li>EDNS version</li> 86 86 + <li>EDNS option</li> 87 87 + <li>EDNS Client Subnet (ECS) (IP protocol and prefix length -- excluding the client IP address)</li> 88 88 + <li>Version string corresponding to HTTP path (/resolve)</li> 89 89 + <li>Response HTTP encoding, such as application/dns-message or json</li> 90 90 + </ul> 91 91 + </p> 92 92 + <p><a href="https://developers.google.com/speed/public-dns/privacy" target="_blank">Please Read and accept the full Google DNS privacy policy before using this addon.</a></p> 93 93 + <button id="accept">Accept (Continue)</button> 94 94 + <button id="decline">Decline (Remove Extension)</button> 95 95 + <script src="privacy_consent.js"></script> 96 96 + </div> 97 97 + </body> 98 98 + </html>

+13

privacy_consent.js

reviewed

··· 1 1 + // Set up cross-browser compatibility 2 2 + const runtime = typeof browser !== 'undefined' ? browser.runtime : chrome.runtime; 3 3 + const storage = typeof browser !== 'undefined' ? browser.storage.local : chrome.storage.local; 4 4 + const management = typeof browser !== 'undefined' ? browser.management : chrome.management; 5 5 + 6 6 + document.getElementById("accept").addEventListener("click", function () { 7 7 + storage.set({ privacyConsentAccepted: true }); 8 8 + window.close(); 9 9 + }); 10 10 + 11 11 + document.getElementById("decline").addEventListener("click", function () { 12 12 + management.uninstallSelf({ showConfirmDialog: true }); 13 13 + });