DarkBili - Dark Mode for bilibili.com
Version 0.3.8 View in Chrome Web Store
Extension Details
Context-Aware Verdict
The extension has a solid user base of 10,000 users with a high rating of 4.8/5 from 66 reviews, indicating positive user experiences. The specific purpose of providing dark mode for bilibili.com is legitimate and commonly requested functionality. The author domain (darkbili.com) aligns with the extension's purpose, suggesting focused development.
The primary concern is the "Broad Host Permissions" finding, which allows access to all bilibili.com subdomains (https://*.bilibili.com/*). While this may be necessary for the extension to function across bilibili's various services and subdomains, it grants extensive access to a popular Chinese video platform where users may have personal accounts and viewing histories. The storage permission, while lower risk, allows the extension to retain user preferences and potentially other data locally.
This extension presents moderate risk due to its broad access to bilibili.com. Users should verify they trust the developer before installation. Consider reviewing the extension's actual behavior after installation to ensure it only modifies visual elements as intended. If you're particularly privacy-conscious or use bilibili for sensitive content, consider running this extension in a separate Chrome profile. The risk is mitigated by the extension's specific, legitimate purpose and positive user feedback, but the broad permissions warrant caution.
Findings
Security Analysis Details
Required Permissions:
- storage
Host Permissions:
- https://*.bilibili.com/*
Embedded URLs (14 total):
| https://reactjs.org/docs/error-decoder.html?invariant= | http://www.w3.org/1999/xlink | |
| http://www.w3.org/XML/1998/namespace | http://www.w3.org/2000/svg | |
| http://www.w3.org/1998/Math/MathML | http://www.w3.org/1999/xhtml | |
| https://github.com/flanker/bilibili-dark-mode | https://chromewebstore.google.com/detail/darkbili-dark-mode-for-bi/kpjklikhldpeiibfhadeogaaeenhffba | |
| https://darkbili.com | https://next.jsj.top/f/Ah3ZWx | |
| http://jedwatson.github.io/classnames | https://radix-ui.com/primitives/docs/components/alert-dialog | |
| https://radix-ui.com/primitives/docs/components/ | https://clients2.google.com/service/update2/crx |
Raw Manifest
{ "name": "DarkBili - Dark Mode for bilibili.com", "icons": { "16": "icon16.plasmo.6c567d50.png", "32": "icon32.plasmo.76b92899.png", "48": "icon48.plasmo.aced7582.png", "64": "icon64.plasmo.8bb5e6e0.png", "128": "icon128.plasmo.3c1ed2d2.png" }, "action": { "default_icon": { "16": "icon16.plasmo.6c567d50.png", "32": "icon32.plasmo.76b92899.png", "48": "icon48.plasmo.aced7582.png", "64": "icon64.plasmo.8bb5e6e0.png", "128": "icon128.plasmo.3c1ed2d2.png" }, "default_popup": "popup.html" }, "author": "fzhichao", "version": "0.3.8", "update_url": "https://clients2.google.com/service/update2/crx", "description": "Dark mode / night mode for bilibili.com", "permissions": [ "storage" ], "content_scripts": [ { "js": [ "dark-mode.99c53ba3.js" ], "css": [ "dark-mode.6f5fa4d9.css" ], "run_at": "document_start", "matches": [ "https://*.bilibili.com/*" ] } ], "host_permissions": [ "https://*.bilibili.com/*" ], "manifest_version": 3 }
ⓘ CRXaminer has partnered with our friends at Secure Annex to provide additional findings unique to their platform.
Secure Annex also analyzes extensions from other browsers, IDEs, and can continuously monitor.
This extension may not yet be analyzed by Secure Annex.