Skip to content

teodorszeltins/noolbenger

BranchesTags

Repository files navigation

A tiny tool to detect if a page visitor has Honey Chrome extension installed and running.

Demo

https://teodorszeltins.github.io/noolbenger

Why?

Honey, a popular browser extension, has recently been revealed to scam both users and content creators. Unfortunately, many of Honey’s users still remain unaware. If you are a website owner, you can use this detection script to warn them about the risks of using Honey.

Usage

Install the noolbenger npm package:

npm install noolbenger

Run the check in your code:

import noolbenger from "noolbenger"

let foundHoney = await noolbenger.track()

How is this even possible?

It shouldn't be, and it certainly sounds like a violation of privacy. Unfortunately, it is, and it does. It works because of web accessible resources defined in a Chrome extension's manifest.json. Like the name implies, these “web accessible” resources can be looked up by anyone capable enough to use fetch(). From here, you can continue with nefarious activities, such as fingerprinting website visitors.

About

A tiny tool to detect if a page visitor has Honey Chrome extension installed and running.

teodorszeltins.github.io/noolbenger/

Topics

chrome typescript chrome-extensions

Resources

Readme

License

MIT license
Activity

Stars

4 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 2

v1.1.2 Latest
Feb 4, 2025
+ 1 release

Contributors

Languages