[ new scan ] [ statistics ] [ github ] [ twitter ] [ help ]

Foxified

Version 2.1.4 View in Chrome Web Store

Last scanned: about 2 hours ago

Extension Details

Developer: foxified.org

Rating: 4.8 ★ (7K ratings)

Users: 800,000

Context-Aware Verdict

MEDIUM

Overall Risk

Based on 3 total findings, including 1 high-risk finding.

Findings

HIGH

Broad Host Permissions

This extension has broad host permissions allowing it to access many or all websites. This could potentially be used to steal sensitive data or track browsing activity.

MEDIUM

Medium-Risk Permission: storage

This extension has the storage permission. Can store data locally.

MEDIUM

Medium-Risk Permission: unlimitedStorage

This extension has the unlimitedStorage permission. Can store unlimited data locally.

Security Analysis Details

Required Permissions:

alarms
storage
unlimitedStorage
offscreen
scripting
sidePanel
declarativeNetRequestWithHostAccess

Optional Permissions:

tabs
downloads

Host Permissions:

https://addons.cdn.mozilla.net/user-media/addons/*

Embedded URLs (21 total):

https://fonts.googleapis.com/css2?family=Inter:wght@400	http://www.w3.org/2000/svg
https://addons.mozilla.org/en-US/firefox/addon/	https://foxified.org/warning
https://github.com/uuidjs/uuid#getrandomvalues-not-supported	https://www.google-analytics.com/mp/collect
https://addons.mozilla.org/firefox/downloads/latest/	http://stuartk.com/jszip
https://raw.github.com/Stuk/jszip/main/LICENSE.markdown.	https://github.com/nodeca/pako/blob/main/LICENSE
https://stuk.github.io/jszip/documentation/howto/read_zip.html	https://foxified.org/installed
https://developer.mozilla.org/docs/Mozilla/Add-ons/WebExtensions/API/runtime/onMessage	http://www.w3.org/1999/xlink
http://www.w3.org/1998/Math/MathML	https://vuejs.org/error-reference/#runtime-
https://clients2.google.com/service/update2/crx	https://foxified.org
https://addons.mozilla.org/	https://addons.cdn.mozilla.net/user-media/addons/
https://foxified.org/

Raw Manifest

{
  "name": "__MSG_extName__",
  "icons": {
    "16": "assets/img/icon-16px.png",
    "19": "assets/img/icon-19px.png",
    "38": "assets/img/icon-38px.png",
    "48": "assets/img/icon-48px.png",
    "128": "assets/img/icon-128px.png"
  },
  "action": {
    "default_icon": "assets/img/icon-38px.png",
    "default_popup": "ff-popup.html"
  },
  "author": "Foxified",
  "sandbox": {
    "pages": [
      "ff-sandbox.html"
    ]
  },
  "version": "2.1.4",
  "background": {
    "service_worker": "assets/js/ff-background.js"
  },
  "options_ui": {
    "page": "ff-options.html",
    "open_in_tab": true
  },
  "update_url": "https://clients2.google.com/service/update2/crx",
  "description": "__MSG_extDescription__",
  "permissions": [
    "alarms",
    "storage",
    "unlimitedStorage",
    "offscreen",
    "scripting",
    "sidePanel",
    "declarativeNetRequestWithHostAccess"
  ],
  "homepage_url": "https://foxified.org",
  "default_locale": "en",
  "content_scripts": [
    {
      "js": [
        "assets/js/ff-store.js"
      ],
      "run_at": "document_start",
      "matches": [
        "https://addons.mozilla.org/*/firefox/addon/*"
      ]
    }
  ],
  "host_permissions": [
    "https://addons.cdn.mozilla.net/user-media/addons/*"
  ],
  "manifest_version": 3,
  "optional_permissions": [
    "tabs",
    "downloads"
  ],
  "externally_connectable": {
    "matches": [
      "https://foxified.org/*"
    ]
  },
  "minimum_chrome_version": "120",
  "web_accessible_resources": [
    {
      "matches": [
        "<all_urls>"
      ],
      "resources": [
        "ff-options.html",
        "ff-sandbox.html"
      ]
    }
  ],
  "optional_host_permissions": [
    "http://*/*",
    "https://*/*"
  ]
}

by ✦ Astarte

Foxified

Extension Details

Context-Aware Verdict

Findings

Security Analysis Details

Required Permissions:

Optional Permissions:

Host Permissions:

Embedded URLs (21 total):

Raw Manifest

Detections

Manifest Findings