Skip to content
/ fb-anticlickjack Public

Cross-browser extension to automatically undo facebook’s downright shady link destination swapping

waterpigs.co.uk/notes/4srlft/

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

barnabywalters/fb-anticlickjack

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
certificates
certificates
 
 
kango
kango
 
 
output
output
 
 
src
src
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
kango.py
kango.py
 
 

Repository files navigation

fb-anticlickjack

A cross-browser extension which automatically undoes facebook’s downright shady link destination swapping. More at waterpigs.co.uk/notes/4SRLft/

How to Install

fb-anticlickjack is cross-browser (courtesy of Kango) and can be installed on Safari, Firefox, Chrome or Opera.

  1. Clone the repo (downloads offered soon)
  2. Navigate to /output

Then, depending on your browser:

  • Chrome:
    1. Navigate to chrome://extensions
    2. If not already enabled, enable Dev Mode (top right)
    3. Load Unpacked Extension, and select /output/chrome
    4. fb-clickjack should pop up in the list of extensions. yay!
  • Safari:
    1. Open /output/fbanticlickjack.safariext
    2. Trust the extension and it shall be installed
  • Firefox:
    1. Tools -> Addons
    2. Extensions
    3. Little cog in the top right -> Install Add-on From File
    4. Select /output/fbanticlickjack_0.9.0.xpi
    5. Trust it
    6. Restart it
    7. Configure it
  • Opera:
    1. Open /output/fbanticlickjack_0.9.0.oex
    2. It will install and show you where the button is

Why?

Facebook does some über shady stuff. Take a look at this link markup:

<a href="http://action.sumofus.org/a/world-food-prize-monsanto-syngenta/5/4/?sub=fb"
	target="_blank"
	rel="nofollow"
	onmouseover="LinkshimAsyncLink.swap(this, &quot;http:\/\/action.sumofus.org\/a\/world-food-prize-monsanto-syngenta\/5\/4\/?sub=fb&quot;);"
	onclick="LinkshimAsyncLink.swap(this, &quot;http:\/\/www.facebook.com\/l.php?u=http\u00253A\u00252F\u00252Faction.sumofus.org\u00252Fa\u00252Fworld-food-prize-monsanto-syngenta\u00252F5\u00252F4\u00252F\u00253Fsub\u00253Dfb&amp;h=vAQGPZeS2&amp;enc=AZPU8l070clXWw6LHhO4o4DptNXHUJ-arcfAYrU_b9C9hbEWvbrlI_MaFREKw0ndh6ayQWiStDoBTzV4G_UAy8yAuDGtTxEFHVQMr7kfTgP0ummGczPBxRufyw3VG5TX_gA&amp;s=1&quot;);">They're giving the "Nobel Prize of Agriculture" to... Monsanto??</a>

Messy, huh? The point is, whilst the source of the link is perfectly legit, Facebook added some code which changes where the link points to as you click it. Predictably, it’s routed through their l.php redirector, which is tracking you.

Now, Facebook is more than likely already tracking everything you do, but there’s no reason to hand it over on a silver platter when it’s so easy to prevent.

About

Cross-browser extension to automatically undo facebook’s downright shady link destination swapping

waterpigs.co.uk/notes/4SRLft/

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages