我对chrome扩展程序不熟悉,但是尝试设置XSS检测器。我具有分别测试GET和POST的能力,所以我现在才对GET进行编程。该扩展程序已加载,但是当我从已知站点进行测试时,该扩展程序不执行任何操作。还要设置一无所获的控制台日志,所以我知道扩展名未正确挂接。对于为何无法正常工作的任何帮助,将不胜感激。
我已经在manifest.json中尝试过content_scripts,但随后在xss_detector.js中收到“未捕获的TypeError:无法读取未定义的属性'onBeforeRequest'”
manifest.json
{
"name": "XSS Detector",
"version": "1.0",
"manifest_version": 2,
"description": "xss detector and frame buster",
"permissions": ["tabs", "notifications", "<all_urls>", "webRequest"
"webRequestBlocking"],
"background": {
"scripts": ["xss_detector.js"],
"persistent": true
},
"browser_action": {
"default_title": "Detects and Busts!",
"default_icon": "icon.png"
}
}
xss_detector.js
chrome.webRequest.onBeforeRequest.addListener(function(details) {
const start_script_re = /.*(<div>\s*)?<script>.*<\/script>
(<\/div>\s*?.*/mi;
const end_script_re = null;
if (details.method === "GET") {
console.log("http get request");
if (decodeURI(details.url).match(start_script_re)) {
return {redirectURL:"javascript:"};
}
} else if (details.method === "POST") {
}
}, {
urls: ["<all_urls>"]
}, ["blocking", "requestBody"]);
manifest.json
{
"name": "XSS Detector",
"version": "1.0",
"manifest_version": 2,
"description": "xss detector and frame buster",
"permissions": ["tabs", "notifications", "<all_urls>", "webRequest", "webRequestBlocking"],
"background": {
"scripts": ["xss_detector.js"],
"persistent": true
},
"browser_action": {
"default_title": "Detects and Busts!",
"default_icon": "icon.png"
}
}