+128 -28

background.js

reviewed

··· 7 7 const action = 8 8 typeof browser !== "undefined" ? browser.browserAction : chrome.action 9 9 10 10 - // On extension installation, check if privacy consent was already accepted and show it if not 11 11 - runtime.onInstalled.addListener(() => { 12 12 - storage.get("privacyConsentAccepted", ({ privacyConsentAccepted }) => { 13 13 - if ( 14 14 - typeof privacyConsentAccepted === "undefined" || 15 15 - !privacyConsentAccepted 16 16 - ) { 17 17 - tabs.create({ url: "privacy_consent.html" }) 18 18 - } 19 19 - }) 20 20 - }) 10 10 + // The rest of the original background.js code... 11 11 + 12 12 + // Content.js code migrated to background.js 13 13 + // Make sure that we don't DoS the regex if someone supplies too large of a DID 14 14 + const MAX_DID_LENGTH = 255 15 15 + 16 16 + // Regular expression to validate the DID format 17 17 + // https://w3c.github.io/did-core/#did-syntax 18 18 + const didRegex = 19 19 + /^did:plc:([a-zA-Z0-9._-]+(:[a-zA-Z0-9._-]+)*|((%[0-9A-Fa-f]{2})|[a-zA-Z0-9._-])+(:((%[0-9A-Fa-f]{2})|[a-zA-Z0-9._-])+)*$)/ 20 20 + 21 21 + // Function to validate the DID string 22 22 + function isValidDID(didString) { 23 23 + return didString.length <= MAX_DID_LENGTH && didRegex.test(didString) 24 24 + } 25 25 + 26 26 + // Function to get the domain name from the current hostname 27 27 + function getDomainName(url) { 28 28 + const hostname = new URL(url).hostname 29 29 + return hostname.replace(/^www\./, "") 30 30 + } 21 31 22 22 - // If the message 'SHOW_CONSENT' is received, open the privacy consent tab 23 23 - runtime.onMessage.addListener((message) => { 24 24 - if (message.type === "SHOW_CONSENT") { 25 25 - tabs.create({ url: "privacy_consent.html" }) 32 32 + // Function to validate the domain name 33 33 + function isValidDomain(domain) { 34 34 + const MAX_DOMAIN_LENGTH = 255 35 35 + 36 36 + if (domain.length > MAX_DOMAIN_LENGTH) { 37 37 + return false 26 38 } 27 27 - }) 39 39 + 40 40 + try { 41 41 + // Use the build in URL constructor to validate the URL, if doesn't throw an error, the domain is valid 42 42 + // This is a better choice than a regex since it should properly support punycode/international domains 43 43 + new URL(`https://${domain}`) 44 44 + return true 45 45 + } catch (error) { 46 46 + // The URL constructor threw an error, so the domain is not valid 47 47 + return false 48 48 + } 49 49 + } 50 50 + 51 51 + // Function to check for a DID in the domain's TXT records 52 52 + async function checkForDIDDNS(domain) { 53 53 + try { 54 54 + const response = await fetch( 55 55 + `https://dns.google/resolve?name=_atproto.${domain}&type=TXT` 56 56 + ) 57 57 + const data = await response.json() 58 58 + 59 59 + // We use the TXT record type to avoid CORS issues 60 60 + const records = data?.Answer?.filter((record) => record.type === 16) || [] 61 61 + 62 62 + // We filter out all records that are not TXT records 63 63 + const didRecord = records.find((record) => 64 64 + record.data.includes("did=did:plc:") 65 65 + ) 66 66 + 67 67 + // We return the DID if we found one and it's valid 68 68 + return didRecord && isValidDID(didRecord.data.replace("did=", "")) 69 69 + ? didRecord.data.replace("did=", "") 70 70 + : null 71 71 + } catch (error) { 72 72 + return null 73 73 + } 74 74 + } 75 75 + 76 76 + // Function to check for a DID in the well-known (not .well-known) location 77 77 + async function checkForDIDHTTPS(domain) { 78 78 + try { 79 79 + const response = await fetch( 80 80 + `https://${domain}/xrpc/com.atproto.identity.resolveHandle` 81 81 + ) 82 82 + 83 83 + if (!response.headers.get("Content-Type")?.includes("application/json")) { 84 84 + throw new Error("Invalid Content-Type") 85 85 + } 86 86 + const data = await response.json() 87 87 + return data.did && isValidDID(data.did) ? data.did : null 88 88 + } catch (error) { 89 89 + return null 90 90 + } 91 91 + } 28 92 29 93 // Map to store tabs with DIDs 30 94 const tabsWithDID = new Map() 31 95 32 96 // URL of the Bluesky Web Applications 33 33 - const bskyAppUrl = "https://staging.bsky.app" 97 97 + const bskyAppUrl = "https://bsky.app" 34 98 35 99 // Function to set the extension icon 36 100 function setIcon(tabId, iconName) { 37 101 action.setIcon({ path: iconName, tabId }) 38 102 } 39 103 104 104 + // Main function to perform actions, but only if the privacy consent has been accepted 105 105 + function performAction(tab) { 106 106 + storage.get("privacyConsentAccepted", ({ privacyConsentAccepted }) => { 107 107 + // If the user has accepted the privacy consent 108 108 + if (privacyConsentAccepted) { 109 109 + const domain = getDomainName(tab.url) 110 110 + if (isValidDomain(domain)) { 111 111 + checkForDIDDNS(domain).then((domainDID) => { 112 112 + if (domainDID) { 113 113 + setIcon(tab.id, "logo48.png") 114 114 + tabsWithDID.set(tab.id, domainDID) 115 115 + } else { 116 116 + checkForDIDHTTPS(domain).then((httpsDID) => { 117 117 + if (httpsDID) { 118 118 + setIcon(tab.id, "logo48.png") 119 119 + tabsWithDID.set(tab.id, httpsDID) 120 120 + } else { 121 121 + setIcon(tab.id, "logo48_gray.png") 122 122 + tabsWithDID.delete(tab.id) 123 123 + } 124 124 + }) 125 125 + } 126 126 + }) 127 127 + } 128 128 + } 129 129 + }) 130 130 + } 131 131 + 132 132 + // Execute performAction when a tab is updated 133 133 + tabs.onUpdated.addListener((tabId, changeInfo, tab) => { 134 134 + if (changeInfo.status === "complete" && tab.active) { 135 135 + performAction(tab) 136 136 + } 137 137 + }) 138 138 + 139 139 + // On extension installation, check if privacy consent was already accepted and show it if not 140 140 + runtime.onInstalled.addListener(() => { 141 141 + storage.get("privacyConsentAccepted", ({ privacyConsentAccepted }) => { 142 142 + if ( 143 143 + typeof privacyConsentAccepted === "undefined" || 144 144 + !privacyConsentAccepted 145 145 + ) { 146 146 + tabs.create({ url: "privacy_consent.html" }) 147 147 + } 148 148 + }) 149 149 + }) 150 150 + 40 151 // On extension installation, set the icon to gray for all tabs 41 152 runtime.onInstalled.addListener(() => { 42 153 tabs.query({}, (tabs) => { 43 154 tabs.forEach((tab) => setIcon(tab.id, "logo48_gray.png")) 44 155 }) 45 45 - }) 46 46 - 47 47 - // When a message is received from the DNS check, set the icon color to blue. 48 48 - runtime.onMessage.addListener((message, sender) => { 49 49 - if (message.type === "DID_FOUND") { 50 50 - setIcon(sender.tab.id, "logo48.png") 51 51 - tabsWithDID.set(sender.tab.id, message.did) 52 52 - } else { 53 53 - setIcon(sender.tab.id, "logo48_gray.png") 54 54 - tabsWithDID.delete(sender.tab.id) 55 55 - } 56 156 }) 57 157 58 158 // Open the consent page if it hasn't been accepted and the user clicks on the extension icon

+2 -3

manifest.json

reviewed

··· 9 9 }, 10 10 "icons": { "48": "logo48.png", "128": "logo128.png" }, 11 11 "description": "Detects Decentralized Identifiers (DIDs) in a domain's TXT records and links to the associated Bluesky profile.", 12 12 - "permissions": ["activeTab", "storage"], 13 13 - "background": { "service_worker": "background.js" }, 14 14 - "content_scripts": [{ "matches": ["<all_urls>"], "js": ["content.js"] }] 12 12 + "permissions": ["tabs", "storage"], 13 13 + "background": { "service_worker": "background.js" } 15 14 }